Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
Typedeb
Namespacedebian
Namephp7.4
Version7.4.33-1+deb11u5
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version7.4.33-1+deb11u6
Latest_non_vulnerable_version7.4.33-1+deb11u10
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-11jg-tu1t-abh6
vulnerability_id VCID-11jg-tu1t-abh6
summary Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31629.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31629.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31629
reference_id
reference_type
scores
0
value 0.15416
scoring_system epss
scoring_elements 0.94621
published_at 2026-04-02T12:55:00Z
1
value 0.15416
scoring_system epss
scoring_elements 0.94667
published_at 2026-04-21T12:55:00Z
2
value 0.15416
scoring_system epss
scoring_elements 0.94627
published_at 2026-04-04T12:55:00Z
3
value 0.15416
scoring_system epss
scoring_elements 0.94628
published_at 2026-04-07T12:55:00Z
4
value 0.15416
scoring_system epss
scoring_elements 0.94638
published_at 2026-04-08T12:55:00Z
5
value 0.15416
scoring_system epss
scoring_elements 0.94642
published_at 2026-04-09T12:55:00Z
6
value 0.15416
scoring_system epss
scoring_elements 0.94647
published_at 2026-04-11T12:55:00Z
7
value 0.15416
scoring_system epss
scoring_elements 0.94651
published_at 2026-04-13T12:55:00Z
8
value 0.15416
scoring_system epss
scoring_elements 0.94659
published_at 2026-04-16T12:55:00Z
9
value 0.15416
scoring_system epss
scoring_elements 0.94662
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31629
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
6
reference_url http://www.openwall.com/lists/oss-security/2024/04/12/11
reference_id 11
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url http://www.openwall.com/lists/oss-security/2024/04/12/11
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2133687
reference_id 2133687
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2133687
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/
reference_id 2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/
9
reference_url https://bugs.php.net/bug.php?id=81727
reference_id bug.php?id=81727
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://bugs.php.net/bug.php?id=81727
10
reference_url https://www.debian.org/security/2022/dsa-5277
reference_id dsa-5277
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://www.debian.org/security/2022/dsa-5277
11
reference_url https://security.gentoo.org/glsa/202211-03
reference_id GLSA-202211-03
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://security.gentoo.org/glsa/202211-03
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/
reference_id KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/
reference_id LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/
14
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html
15
reference_url https://security.netapp.com/advisory/ntap-20221209-0001/
reference_id ntap-20221209-0001
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://security.netapp.com/advisory/ntap-20221209-0001/
16
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
17
reference_url https://access.redhat.com/errata/RHSA-2023:0965
reference_id RHSA-2023:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0965
18
reference_url https://access.redhat.com/errata/RHSA-2023:2417
reference_id RHSA-2023:2417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2417
19
reference_url https://access.redhat.com/errata/RHSA-2023:2903
reference_id RHSA-2023:2903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2903
20
reference_url https://usn.ubuntu.com/5717-1/
reference_id USN-5717-1
reference_type
scores
url https://usn.ubuntu.com/5717-1/
21
reference_url https://usn.ubuntu.com/5905-1/
reference_id USN-5905-1
reference_type
scores
url https://usn.ubuntu.com/5905-1/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/
reference_id VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/
reference_id XNIEABBH5XCXLFWWZYIDE457SPEDZTXV
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/
reference_id ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T18:53:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31629
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-11jg-tu1t-abh6
1
url VCID-1re1-15w4-cqeq
vulnerability_id VCID-1re1-15w4-cqeq
summary php: Leak partial content of the heap through heap buffer over-read in mysqlnd
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8929.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8929.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8929
reference_id
reference_type
scores
0
value 0.00663
scoring_system epss
scoring_elements 0.71221
published_at 2026-04-18T12:55:00Z
1
value 0.00663
scoring_system epss
scoring_elements 0.71176
published_at 2026-04-09T12:55:00Z
2
value 0.00663
scoring_system epss
scoring_elements 0.71199
published_at 2026-04-21T12:55:00Z
3
value 0.00663
scoring_system epss
scoring_elements 0.71185
published_at 2026-04-12T12:55:00Z
4
value 0.00663
scoring_system epss
scoring_elements 0.71169
published_at 2026-04-13T12:55:00Z
5
value 0.00663
scoring_system epss
scoring_elements 0.71215
published_at 2026-04-16T12:55:00Z
6
value 0.00663
scoring_system epss
scoring_elements 0.71121
published_at 2026-04-07T12:55:00Z
7
value 0.00663
scoring_system epss
scoring_elements 0.71163
published_at 2026-04-08T12:55:00Z
8
value 0.00681
scoring_system epss
scoring_elements 0.71566
published_at 2026-04-02T12:55:00Z
9
value 0.00681
scoring_system epss
scoring_elements 0.71584
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8929
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8929
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
reference_id 1088688
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2327960
reference_id 2327960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2327960
6
reference_url https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678
reference_id GHSA-h35g-vwh6-m678
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-22T17:37:12Z/
url https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678
7
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
8
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
9
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
12
reference_url https://usn.ubuntu.com/7157-1/
reference_id USN-7157-1
reference_type
scores
url https://usn.ubuntu.com/7157-1/
13
reference_url https://usn.ubuntu.com/7157-3/
reference_id USN-7157-3
reference_type
scores
url https://usn.ubuntu.com/7157-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u7%3Fdistro=bullseye
aliases CVE-2024-8929
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1re1-15w4-cqeq
2
url VCID-26ab-3bt8-jkf3
vulnerability_id VCID-26ab-3bt8-jkf3
summary php: heap-based buffer overflow in array_merge()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14178.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14178.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14178
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05863
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06057
published_at 2026-04-21T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05929
published_at 2026-04-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05895
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05905
published_at 2026-04-18T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05896
published_at 2026-04-04T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05889
published_at 2026-04-07T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05927
published_at 2026-04-08T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05966
published_at 2026-04-09T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05947
published_at 2026-04-11T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05938
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14178
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14178
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14178
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574
reference_id 1123574
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2425625
reference_id 2425625
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2425625
6
reference_url https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2
reference_id GHSA-h96m-rvf9-jgm2
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:00:50Z/
url https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2
7
reference_url https://access.redhat.com/errata/RHSA-2026:1169
reference_id RHSA-2026:1169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1169
8
reference_url https://access.redhat.com/errata/RHSA-2026:1185
reference_id RHSA-2026:1185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1185
9
reference_url https://access.redhat.com/errata/RHSA-2026:1187
reference_id RHSA-2026:1187
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1187
10
reference_url https://access.redhat.com/errata/RHSA-2026:1190
reference_id RHSA-2026:1190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1190
11
reference_url https://access.redhat.com/errata/RHSA-2026:1409
reference_id RHSA-2026:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1409
12
reference_url https://access.redhat.com/errata/RHSA-2026:1412
reference_id RHSA-2026:1412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1412
13
reference_url https://access.redhat.com/errata/RHSA-2026:1429
reference_id RHSA-2026:1429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1429
14
reference_url https://access.redhat.com/errata/RHSA-2026:1628
reference_id RHSA-2026:1628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1628
15
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
16
reference_url https://access.redhat.com/errata/RHSA-2026:2799
reference_id RHSA-2026:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2799
17
reference_url https://access.redhat.com/errata/RHSA-2026:4077
reference_id RHSA-2026:4077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4077
18
reference_url https://access.redhat.com/errata/RHSA-2026:4086
reference_id RHSA-2026:4086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4086
19
reference_url https://access.redhat.com/errata/RHSA-2026:4212
reference_id RHSA-2026:4212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4212
20
reference_url https://access.redhat.com/errata/RHSA-2026:4266
reference_id RHSA-2026:4266
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4266
21
reference_url https://access.redhat.com/errata/RHSA-2026:4507
reference_id RHSA-2026:4507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4507
22
reference_url https://access.redhat.com/errata/RHSA-2026:4514
reference_id RHSA-2026:4514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4514
23
reference_url https://access.redhat.com/errata/RHSA-2026:4517
reference_id RHSA-2026:4517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4517
24
reference_url https://access.redhat.com/errata/RHSA-2026:7614
reference_id RHSA-2026:7614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7614
25
reference_url https://usn.ubuntu.com/7953-1/
reference_id USN-7953-1
reference_type
scores
url https://usn.ubuntu.com/7953-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u10?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u10?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u10%3Fdistro=bullseye
aliases CVE-2025-14178
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26ab-3bt8-jkf3
3
url VCID-2adj-dp22-xyeb
vulnerability_id VCID-2adj-dp22-xyeb
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7062.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7062.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7062
reference_id
reference_type
scores
0
value 0.01155
scoring_system epss
scoring_elements 0.78485
published_at 2026-04-01T12:55:00Z
1
value 0.01155
scoring_system epss
scoring_elements 0.78491
published_at 2026-04-02T12:55:00Z
2
value 0.01155
scoring_system epss
scoring_elements 0.78521
published_at 2026-04-04T12:55:00Z
3
value 0.01155
scoring_system epss
scoring_elements 0.78505
published_at 2026-04-07T12:55:00Z
4
value 0.01155
scoring_system epss
scoring_elements 0.78531
published_at 2026-04-08T12:55:00Z
5
value 0.01155
scoring_system epss
scoring_elements 0.78537
published_at 2026-04-09T12:55:00Z
6
value 0.01155
scoring_system epss
scoring_elements 0.78562
published_at 2026-04-11T12:55:00Z
7
value 0.01155
scoring_system epss
scoring_elements 0.78544
published_at 2026-04-12T12:55:00Z
8
value 0.01155
scoring_system epss
scoring_elements 0.78536
published_at 2026-04-13T12:55:00Z
9
value 0.01155
scoring_system epss
scoring_elements 0.78564
published_at 2026-04-16T12:55:00Z
10
value 0.01155
scoring_system epss
scoring_elements 0.78563
published_at 2026-04-18T12:55:00Z
11
value 0.01155
scoring_system epss
scoring_elements 0.7856
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7062
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1808532
reference_id 1808532
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1808532
11
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
12
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
13
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
14
reference_url https://usn.ubuntu.com/4330-1/
reference_id USN-4330-1
reference_type
scores
url https://usn.ubuntu.com/4330-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.3-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.3-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.3-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7062
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2adj-dp22-xyeb
4
url VCID-2dg4-b7g9-eubx
vulnerability_id VCID-2dg4-b7g9-eubx
summary Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31630.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31630.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31630
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18493
published_at 2026-04-21T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18462
published_at 2026-04-16T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18471
published_at 2026-04-18T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18765
published_at 2026-04-04T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18482
published_at 2026-04-07T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18562
published_at 2026-04-08T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18615
published_at 2026-04-09T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18619
published_at 2026-04-11T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18572
published_at 2026-04-12T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.1852
published_at 2026-04-13T12:55:00Z
10
value 0.00065
scoring_system epss
scoring_elements 0.20211
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31630
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2139280
reference_id 2139280
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2139280
8
reference_url https://security.gentoo.org/glsa/202211-03
reference_id GLSA-202211-03
reference_type
scores
url https://security.gentoo.org/glsa/202211-03
9
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
10
reference_url https://access.redhat.com/errata/RHSA-2023:0965
reference_id RHSA-2023:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0965
11
reference_url https://access.redhat.com/errata/RHSA-2023:2417
reference_id RHSA-2023:2417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2417
12
reference_url https://access.redhat.com/errata/RHSA-2023:2903
reference_id RHSA-2023:2903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2903
13
reference_url https://usn.ubuntu.com/5717-1/
reference_id USN-5717-1
reference_type
scores
url https://usn.ubuntu.com/5717-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31630
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dg4-b7g9-eubx
5
url VCID-2tux-e678-hubz
vulnerability_id VCID-2tux-e678-hubz
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31627.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31627.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31627
reference_id
reference_type
scores
0
value 0.00181
scoring_system epss
scoring_elements 0.3976
published_at 2026-04-02T12:55:00Z
1
value 0.00181
scoring_system epss
scoring_elements 0.39782
published_at 2026-04-04T12:55:00Z
2
value 0.00181
scoring_system epss
scoring_elements 0.39701
published_at 2026-04-07T12:55:00Z
3
value 0.00181
scoring_system epss
scoring_elements 0.39755
published_at 2026-04-08T12:55:00Z
4
value 0.00181
scoring_system epss
scoring_elements 0.39769
published_at 2026-04-09T12:55:00Z
5
value 0.00181
scoring_system epss
scoring_elements 0.39779
published_at 2026-04-11T12:55:00Z
6
value 0.00181
scoring_system epss
scoring_elements 0.39743
published_at 2026-04-12T12:55:00Z
7
value 0.00181
scoring_system epss
scoring_elements 0.39727
published_at 2026-04-13T12:55:00Z
8
value 0.00181
scoring_system epss
scoring_elements 0.39777
published_at 2026-04-16T12:55:00Z
9
value 0.00181
scoring_system epss
scoring_elements 0.39748
published_at 2026-04-18T12:55:00Z
10
value 0.00181
scoring_system epss
scoring_elements 0.39664
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31627
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2107018
reference_id 2107018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2107018
4
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
5
reference_url https://usn.ubuntu.com/5530-1/
reference_id USN-5530-1
reference_type
scores
url https://usn.ubuntu.com/5530-1/
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31627
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2tux-e678-hubz
6
url VCID-2yrz-qpqj-9ugn
vulnerability_id VCID-2yrz-qpqj-9ugn
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7071.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7071.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7071
reference_id
reference_type
scores
0
value 0.07003
scoring_system epss
scoring_elements 0.91421
published_at 2026-04-01T12:55:00Z
1
value 0.07003
scoring_system epss
scoring_elements 0.9149
published_at 2026-04-21T12:55:00Z
2
value 0.07003
scoring_system epss
scoring_elements 0.9147
published_at 2026-04-13T12:55:00Z
3
value 0.07003
scoring_system epss
scoring_elements 0.91494
published_at 2026-04-16T12:55:00Z
4
value 0.07003
scoring_system epss
scoring_elements 0.91428
published_at 2026-04-02T12:55:00Z
5
value 0.07003
scoring_system epss
scoring_elements 0.91437
published_at 2026-04-04T12:55:00Z
6
value 0.07003
scoring_system epss
scoring_elements 0.91445
published_at 2026-04-07T12:55:00Z
7
value 0.07003
scoring_system epss
scoring_elements 0.91457
published_at 2026-04-08T12:55:00Z
8
value 0.07003
scoring_system epss
scoring_elements 0.91463
published_at 2026-04-09T12:55:00Z
9
value 0.07003
scoring_system epss
scoring_elements 0.91469
published_at 2026-04-11T12:55:00Z
10
value 0.07003
scoring_system epss
scoring_elements 0.91472
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7071
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1913846
reference_id 1913846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1913846
9
reference_url https://security.archlinux.org/ASA-202101-9
reference_id ASA-202101-9
reference_type
scores
url https://security.archlinux.org/ASA-202101-9
10
reference_url https://security.archlinux.org/AVG-1415
reference_id AVG-1415
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1415
11
reference_url https://security.gentoo.org/glsa/202105-23
reference_id GLSA-202105-23
reference_type
scores
url https://security.gentoo.org/glsa/202105-23
12
reference_url https://access.redhat.com/errata/RHSA-2021:2992
reference_id RHSA-2021:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2992
13
reference_url https://access.redhat.com/errata/RHSA-2021:4213
reference_id RHSA-2021:4213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4213
14
reference_url https://usn.ubuntu.com/5006-1/
reference_id USN-5006-1
reference_type
scores
url https://usn.ubuntu.com/5006-1/
15
reference_url https://usn.ubuntu.com/5006-2/
reference_id USN-5006-2
reference_type
scores
url https://usn.ubuntu.com/5006-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.14-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.14-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.14-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7071
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yrz-qpqj-9ugn
7
url VCID-32yk-5b4h-4bfv
vulnerability_id VCID-32yk-5b4h-4bfv
summary php: Fail to Escape Arguments Properly in Microsoft Windows
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1874.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1874.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-1874
reference_id
reference_type
scores
0
value 0.63376
scoring_system epss
scoring_elements 0.98394
published_at 2026-04-02T12:55:00Z
1
value 0.63376
scoring_system epss
scoring_elements 0.98412
published_at 2026-04-21T12:55:00Z
2
value 0.63376
scoring_system epss
scoring_elements 0.98407
published_at 2026-04-13T12:55:00Z
3
value 0.63376
scoring_system epss
scoring_elements 0.98404
published_at 2026-04-09T12:55:00Z
4
value 0.63376
scoring_system epss
scoring_elements 0.98403
published_at 2026-04-08T12:55:00Z
5
value 0.63376
scoring_system epss
scoring_elements 0.984
published_at 2026-04-07T12:55:00Z
6
value 0.63376
scoring_system epss
scoring_elements 0.98397
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-1874
2
reference_url http://www.openwall.com/lists/oss-security/2024/06/07/1
reference_id 1
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/
url http://www.openwall.com/lists/oss-security/2024/06/07/1
3
reference_url http://www.openwall.com/lists/oss-security/2024/04/12/11
reference_id 11
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/
url http://www.openwall.com/lists/oss-security/2024/04/12/11
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2267262
reference_id 2267262
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2267262
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7
reference_id GHSA-pc52-254m-w9w7
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/
url https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7
6
reference_url https://security.netapp.com/advisory/ntap-20240510-0009/
reference_id ntap-20240510-0009
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/
url https://security.netapp.com/advisory/ntap-20240510-0009/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
reference_id PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
reference_id W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-1874
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32yk-5b4h-4bfv
8
url VCID-341r-8amt-z7dr
vulnerability_id VCID-341r-8amt-z7dr
summary php: Configuring a proxy in a stream context might allow for CRLF injection in URIs
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11234.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11234.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11234
reference_id
reference_type
scores
0
value 0.01153
scoring_system epss
scoring_elements 0.78538
published_at 2026-04-21T12:55:00Z
1
value 0.01153
scoring_system epss
scoring_elements 0.78514
published_at 2026-04-13T12:55:00Z
2
value 0.01153
scoring_system epss
scoring_elements 0.78539
published_at 2026-04-11T12:55:00Z
3
value 0.01153
scoring_system epss
scoring_elements 0.78521
published_at 2026-04-12T12:55:00Z
4
value 0.01153
scoring_system epss
scoring_elements 0.78541
published_at 2026-04-18T12:55:00Z
5
value 0.01559
scoring_system epss
scoring_elements 0.81462
published_at 2026-04-08T12:55:00Z
6
value 0.01559
scoring_system epss
scoring_elements 0.81434
published_at 2026-04-07T12:55:00Z
7
value 0.02098
scoring_system epss
scoring_elements 0.84011
published_at 2026-04-04T12:55:00Z
8
value 0.02098
scoring_system epss
scoring_elements 0.83996
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11234
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11234
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
reference_id 1088688
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328523
reference_id 2328523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328523
6
reference_url https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2
reference_id GHSA-c5f2-jwm7-mmq2
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-24T12:32:39Z/
url https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2
7
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
8
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
9
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
12
reference_url https://usn.ubuntu.com/7157-1/
reference_id USN-7157-1
reference_type
scores
url https://usn.ubuntu.com/7157-1/
13
reference_url https://usn.ubuntu.com/7157-3/
reference_id USN-7157-3
reference_type
scores
url https://usn.ubuntu.com/7157-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u7%3Fdistro=bullseye
aliases CVE-2024-11234
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-341r-8amt-z7dr
9
url VCID-3xsn-r6dz-rfbv
vulnerability_id VCID-3xsn-r6dz-rfbv
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7063.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7063.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7063
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53498
published_at 2026-04-01T12:55:00Z
1
value 0.00303
scoring_system epss
scoring_elements 0.53522
published_at 2026-04-02T12:55:00Z
2
value 0.00303
scoring_system epss
scoring_elements 0.53548
published_at 2026-04-04T12:55:00Z
3
value 0.00303
scoring_system epss
scoring_elements 0.53517
published_at 2026-04-07T12:55:00Z
4
value 0.00303
scoring_system epss
scoring_elements 0.53567
published_at 2026-04-08T12:55:00Z
5
value 0.00303
scoring_system epss
scoring_elements 0.53563
published_at 2026-04-09T12:55:00Z
6
value 0.00303
scoring_system epss
scoring_elements 0.53613
published_at 2026-04-11T12:55:00Z
7
value 0.00303
scoring_system epss
scoring_elements 0.53596
published_at 2026-04-12T12:55:00Z
8
value 0.00303
scoring_system epss
scoring_elements 0.53578
published_at 2026-04-13T12:55:00Z
9
value 0.00303
scoring_system epss
scoring_elements 0.53615
published_at 2026-04-16T12:55:00Z
10
value 0.00303
scoring_system epss
scoring_elements 0.5362
published_at 2026-04-18T12:55:00Z
11
value 0.00303
scoring_system epss
scoring_elements 0.53604
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7063
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1808536
reference_id 1808536
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1808536
11
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
12
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
13
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
14
reference_url https://usn.ubuntu.com/4330-1/
reference_id USN-4330-1
reference_type
scores
url https://usn.ubuntu.com/4330-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.3-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.3-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.3-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7063
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xsn-r6dz-rfbv
10
url VCID-46m1-33z3-ruhk
vulnerability_id VCID-46m1-33z3-ruhk
summary php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14180.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14180.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14180
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10092
published_at 2026-04-02T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10147
published_at 2026-04-21T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10167
published_at 2026-04-13T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.1004
published_at 2026-04-16T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10018
published_at 2026-04-18T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10155
published_at 2026-04-04T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10051
published_at 2026-04-07T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.10127
published_at 2026-04-08T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.10187
published_at 2026-04-12T12:55:00Z
9
value 0.00034
scoring_system epss
scoring_elements 0.10227
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14180
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574
reference_id 1123574
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2425627
reference_id 2425627
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2425627
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-8xr5-qppj-gvwj
reference_id GHSA-8xr5-qppj-gvwj
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-29T15:59:59Z/
url https://github.com/php/php-src/security/advisories/GHSA-8xr5-qppj-gvwj
6
reference_url https://access.redhat.com/errata/RHSA-2026:1169
reference_id RHSA-2026:1169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1169
7
reference_url https://access.redhat.com/errata/RHSA-2026:1185
reference_id RHSA-2026:1185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1185
8
reference_url https://access.redhat.com/errata/RHSA-2026:1187
reference_id RHSA-2026:1187
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1187
9
reference_url https://access.redhat.com/errata/RHSA-2026:1190
reference_id RHSA-2026:1190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1190
10
reference_url https://access.redhat.com/errata/RHSA-2026:1409
reference_id RHSA-2026:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1409
11
reference_url https://access.redhat.com/errata/RHSA-2026:1412
reference_id RHSA-2026:1412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1412
12
reference_url https://access.redhat.com/errata/RHSA-2026:1429
reference_id RHSA-2026:1429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1429
13
reference_url https://access.redhat.com/errata/RHSA-2026:1628
reference_id RHSA-2026:1628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1628
14
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
15
reference_url https://access.redhat.com/errata/RHSA-2026:7614
reference_id RHSA-2026:7614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7614
16
reference_url https://usn.ubuntu.com/7953-1/
reference_id USN-7953-1
reference_type
scores
url https://usn.ubuntu.com/7953-1/
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2025-14180
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46m1-33z3-ruhk
11
url VCID-53h9-y2ns-jfh1
vulnerability_id VCID-53h9-y2ns-jfh1
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8927.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8927.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8927
reference_id
reference_type
scores
0
value 0.0045
scoring_system epss
scoring_elements 0.63645
published_at 2026-04-21T12:55:00Z
1
value 0.0045
scoring_system epss
scoring_elements 0.63616
published_at 2026-04-13T12:55:00Z
2
value 0.0045
scoring_system epss
scoring_elements 0.63653
published_at 2026-04-16T12:55:00Z
3
value 0.0045
scoring_system epss
scoring_elements 0.63662
published_at 2026-04-18T12:55:00Z
4
value 0.0045
scoring_system epss
scoring_elements 0.63596
published_at 2026-04-02T12:55:00Z
5
value 0.0045
scoring_system epss
scoring_elements 0.63622
published_at 2026-04-04T12:55:00Z
6
value 0.0045
scoring_system epss
scoring_elements 0.63581
published_at 2026-04-07T12:55:00Z
7
value 0.0045
scoring_system epss
scoring_elements 0.63633
published_at 2026-04-08T12:55:00Z
8
value 0.0045
scoring_system epss
scoring_elements 0.63649
published_at 2026-04-12T12:55:00Z
9
value 0.0045
scoring_system epss
scoring_elements 0.63664
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8927
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2317051
reference_id 2317051
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2317051
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp
reference_id GHSA-94p6-54jq-9mwp
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:50:40Z/
url https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp
6
reference_url https://security.gentoo.org/glsa/202501-11
reference_id GLSA-202501-11
reference_type
scores
url https://security.gentoo.org/glsa/202501-11
7
reference_url https://access.redhat.com/errata/RHSA-2024:10949
reference_id RHSA-2024:10949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10949
8
reference_url https://access.redhat.com/errata/RHSA-2024:10950
reference_id RHSA-2024:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10950
9
reference_url https://access.redhat.com/errata/RHSA-2024:10951
reference_id RHSA-2024:10951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10951
10
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
11
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
12
reference_url https://usn.ubuntu.com/7049-1/
reference_id USN-7049-1
reference_type
scores
url https://usn.ubuntu.com/7049-1/
13
reference_url https://usn.ubuntu.com/7049-2/
reference_id USN-7049-2
reference_type
scores
url https://usn.ubuntu.com/7049-2/
14
reference_url https://usn.ubuntu.com/7049-3/
reference_id USN-7049-3
reference_type
scores
url https://usn.ubuntu.com/7049-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u6%3Fdistro=bullseye
aliases CVE-2024-8927
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53h9-y2ns-jfh1
12
url VCID-5jts-46jw-tfdp
vulnerability_id VCID-5jts-46jw-tfdp
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5585.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5585.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5585
reference_id
reference_type
scores
0
value 0.00874
scoring_system epss
scoring_elements 0.75312
published_at 2026-04-21T12:55:00Z
1
value 0.00874
scoring_system epss
scoring_elements 0.75226
published_at 2026-04-02T12:55:00Z
2
value 0.00874
scoring_system epss
scoring_elements 0.75257
published_at 2026-04-04T12:55:00Z
3
value 0.00874
scoring_system epss
scoring_elements 0.75234
published_at 2026-04-07T12:55:00Z
4
value 0.00874
scoring_system epss
scoring_elements 0.75276
published_at 2026-04-08T12:55:00Z
5
value 0.00874
scoring_system epss
scoring_elements 0.75287
published_at 2026-04-09T12:55:00Z
6
value 0.00874
scoring_system epss
scoring_elements 0.75308
published_at 2026-04-11T12:55:00Z
7
value 0.00874
scoring_system epss
scoring_elements 0.75286
published_at 2026-04-12T12:55:00Z
8
value 0.00874
scoring_system epss
scoring_elements 0.75275
published_at 2026-04-13T12:55:00Z
9
value 0.00874
scoring_system epss
scoring_elements 0.75314
published_at 2026-04-16T12:55:00Z
10
value 0.00874
scoring_system epss
scoring_elements 0.75321
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5585
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url http://www.openwall.com/lists/oss-security/2024/06/07/1
reference_id 1
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/
url http://www.openwall.com/lists/oss-security/2024/06/07/1
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2291311
reference_id 2291311
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2291311
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385
reference_id GHSA-9fcc-425m-g385
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/
url https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385
6
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
7
reference_url https://security.netapp.com/advisory/ntap-20240726-0002/
reference_id ntap-20240726-0002
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/
url https://security.netapp.com/advisory/ntap-20240726-0002/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
reference_id PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
reference_id W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-5585
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jts-46jw-tfdp
13
url VCID-6g29-te13-kucu
vulnerability_id VCID-6g29-te13-kucu
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9026.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9026.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9026
reference_id
reference_type
scores
0
value 0.00868
scoring_system epss
scoring_elements 0.75212
published_at 2026-04-18T12:55:00Z
1
value 0.00868
scoring_system epss
scoring_elements 0.7518
published_at 2026-04-12T12:55:00Z
2
value 0.00868
scoring_system epss
scoring_elements 0.75202
published_at 2026-04-21T12:55:00Z
3
value 0.00868
scoring_system epss
scoring_elements 0.75206
published_at 2026-04-16T12:55:00Z
4
value 0.00868
scoring_system epss
scoring_elements 0.75127
published_at 2026-04-02T12:55:00Z
5
value 0.00868
scoring_system epss
scoring_elements 0.75157
published_at 2026-04-04T12:55:00Z
6
value 0.00868
scoring_system epss
scoring_elements 0.75134
published_at 2026-04-07T12:55:00Z
7
value 0.00868
scoring_system epss
scoring_elements 0.75168
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9026
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2317144
reference_id 2317144
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2317144
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5
reference_id GHSA-865w-9rf3-2wh5
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:47:58Z/
url https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5
6
reference_url https://security.gentoo.org/glsa/202501-11
reference_id GLSA-202501-11
reference_type
scores
url https://security.gentoo.org/glsa/202501-11
7
reference_url https://access.redhat.com/errata/RHSA-2024:10949
reference_id RHSA-2024:10949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10949
8
reference_url https://access.redhat.com/errata/RHSA-2024:10950
reference_id RHSA-2024:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10950
9
reference_url https://access.redhat.com/errata/RHSA-2024:10951
reference_id RHSA-2024:10951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10951
10
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
11
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
12
reference_url https://usn.ubuntu.com/7049-1/
reference_id USN-7049-1
reference_type
scores
url https://usn.ubuntu.com/7049-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u6%3Fdistro=bullseye
aliases CVE-2024-9026
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6g29-te13-kucu
14
url VCID-7151-69v8-cqaj
vulnerability_id VCID-7151-69v8-cqaj
summary php: Integer overflow in the firebird and dblib quoters causing OOB writes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11236.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11236.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11236
reference_id
reference_type
scores
0
value 0.00327
scoring_system epss
scoring_elements 0.55653
published_at 2026-04-08T12:55:00Z
1
value 0.00327
scoring_system epss
scoring_elements 0.55624
published_at 2026-04-04T12:55:00Z
2
value 0.00327
scoring_system epss
scoring_elements 0.55601
published_at 2026-04-07T12:55:00Z
3
value 0.00327
scoring_system epss
scoring_elements 0.55656
published_at 2026-04-09T12:55:00Z
4
value 0.00327
scoring_system epss
scoring_elements 0.55665
published_at 2026-04-11T12:55:00Z
5
value 0.00327
scoring_system epss
scoring_elements 0.55645
published_at 2026-04-12T12:55:00Z
6
value 0.00327
scoring_system epss
scoring_elements 0.55628
published_at 2026-04-13T12:55:00Z
7
value 0.00327
scoring_system epss
scoring_elements 0.556
published_at 2026-04-02T12:55:00Z
8
value 0.00443
scoring_system epss
scoring_elements 0.63368
published_at 2026-04-21T12:55:00Z
9
value 0.00443
scoring_system epss
scoring_elements 0.63383
published_at 2026-04-16T12:55:00Z
10
value 0.00443
scoring_system epss
scoring_elements 0.63391
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11236
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11236
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
reference_id 1088688
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328522
reference_id 2328522
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328522
6
reference_url https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv
reference_id GHSA-5hqh-c84r-qjcv
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-24T12:32:23Z/
url https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv
7
reference_url https://usn.ubuntu.com/7153-1/
reference_id USN-7153-1
reference_type
scores
url https://usn.ubuntu.com/7153-1/
8
reference_url https://usn.ubuntu.com/7157-1/
reference_id USN-7157-1
reference_type
scores
url https://usn.ubuntu.com/7157-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u7%3Fdistro=bullseye
aliases CVE-2024-11236
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7151-69v8-cqaj
15
url VCID-7mcr-tsd2-tkf2
vulnerability_id VCID-7mcr-tsd2-tkf2
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7070.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7070.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7070
reference_id
reference_type
scores
0
value 0.26088
scoring_system epss
scoring_elements 0.96245
published_at 2026-04-01T12:55:00Z
1
value 0.26088
scoring_system epss
scoring_elements 0.96253
published_at 2026-04-02T12:55:00Z
2
value 0.26088
scoring_system epss
scoring_elements 0.9626
published_at 2026-04-04T12:55:00Z
3
value 0.26088
scoring_system epss
scoring_elements 0.96265
published_at 2026-04-07T12:55:00Z
4
value 0.26088
scoring_system epss
scoring_elements 0.96274
published_at 2026-04-08T12:55:00Z
5
value 0.26088
scoring_system epss
scoring_elements 0.96294
published_at 2026-04-16T12:55:00Z
6
value 0.26088
scoring_system epss
scoring_elements 0.96298
published_at 2026-04-18T12:55:00Z
7
value 0.26088
scoring_system epss
scoring_elements 0.96277
published_at 2026-04-09T12:55:00Z
8
value 0.26088
scoring_system epss
scoring_elements 0.96281
published_at 2026-04-12T12:55:00Z
9
value 0.26088
scoring_system epss
scoring_elements 0.96285
published_at 2026-04-13T12:55:00Z
10
value 0.29078
scoring_system epss
scoring_elements 0.96595
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7070
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1885738
reference_id 1885738
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1885738
9
reference_url https://security.gentoo.org/glsa/202012-16
reference_id GLSA-202012-16
reference_type
scores
url https://security.gentoo.org/glsa/202012-16
10
reference_url https://access.redhat.com/errata/RHSA-2021:2992
reference_id RHSA-2021:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2992
11
reference_url https://access.redhat.com/errata/RHSA-2021:4213
reference_id RHSA-2021:4213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4213
12
reference_url https://usn.ubuntu.com/4583-1/
reference_id USN-4583-1
reference_type
scores
url https://usn.ubuntu.com/4583-1/
13
reference_url https://usn.ubuntu.com/4583-2/
reference_id USN-4583-2
reference_type
scores
url https://usn.ubuntu.com/4583-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.11-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.11-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.11-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7070
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mcr-tsd2-tkf2
16
url VCID-7qqj-hp6m-z7bh
vulnerability_id VCID-7qqj-hp6m-z7bh
summary php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6491.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6491.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6491
reference_id
reference_type
scores
0
value 0.00227
scoring_system epss
scoring_elements 0.45447
published_at 2026-04-04T12:55:00Z
1
value 0.00227
scoring_system epss
scoring_elements 0.45427
published_at 2026-04-02T12:55:00Z
2
value 0.00227
scoring_system epss
scoring_elements 0.45392
published_at 2026-04-07T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48576
published_at 2026-04-21T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48573
published_at 2026-04-13T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.48623
published_at 2026-04-16T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48618
published_at 2026-04-18T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48569
published_at 2026-04-08T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.48566
published_at 2026-04-09T12:55:00Z
9
value 0.00252
scoring_system epss
scoring_elements 0.48587
published_at 2026-04-11T12:55:00Z
10
value 0.00252
scoring_system epss
scoring_elements 0.4856
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6491
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2378690
reference_id 2378690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2378690
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x
reference_id GHSA-453j-q27h-5p8x
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:59:51Z/
url https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x
6
reference_url https://access.redhat.com/errata/RHSA-2025:23309
reference_id RHSA-2025:23309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23309
7
reference_url https://access.redhat.com/errata/RHSA-2026:1409
reference_id RHSA-2026:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1409
8
reference_url https://access.redhat.com/errata/RHSA-2026:1412
reference_id RHSA-2026:1412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1412
9
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
10
reference_url https://usn.ubuntu.com/7648-1/
reference_id USN-7648-1
reference_type
scores
url https://usn.ubuntu.com/7648-1/
11
reference_url https://usn.ubuntu.com/7648-2/
reference_id USN-7648-2
reference_type
scores
url https://usn.ubuntu.com/7648-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye
aliases CVE-2025-6491
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7qqj-hp6m-z7bh
17
url VCID-8kna-v21h-qfb5
vulnerability_id VCID-8kna-v21h-qfb5
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21704.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21704
reference_id
reference_type
scores
0
value 0.0015
scoring_system epss
scoring_elements 0.35369
published_at 2026-04-01T12:55:00Z
1
value 0.0015
scoring_system epss
scoring_elements 0.35467
published_at 2026-04-21T12:55:00Z
2
value 0.0015
scoring_system epss
scoring_elements 0.35528
published_at 2026-04-16T12:55:00Z
3
value 0.0015
scoring_system epss
scoring_elements 0.35518
published_at 2026-04-18T12:55:00Z
4
value 0.0015
scoring_system epss
scoring_elements 0.35568
published_at 2026-04-02T12:55:00Z
5
value 0.0015
scoring_system epss
scoring_elements 0.35594
published_at 2026-04-04T12:55:00Z
6
value 0.0015
scoring_system epss
scoring_elements 0.35476
published_at 2026-04-07T12:55:00Z
7
value 0.0015
scoring_system epss
scoring_elements 0.35522
published_at 2026-04-08T12:55:00Z
8
value 0.0015
scoring_system epss
scoring_elements 0.35546
published_at 2026-04-09T12:55:00Z
9
value 0.0015
scoring_system epss
scoring_elements 0.35555
published_at 2026-04-11T12:55:00Z
10
value 0.0015
scoring_system epss
scoring_elements 0.35511
published_at 2026-04-12T12:55:00Z
11
value 0.0015
scoring_system epss
scoring_elements 0.35489
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1978790
reference_id 1978790
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1978790
6
reference_url https://security.archlinux.org/ASA-202107-15
reference_id ASA-202107-15
reference_type
scores
url https://security.archlinux.org/ASA-202107-15
7
reference_url https://security.archlinux.org/AVG-2132
reference_id AVG-2132
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2132
8
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
9
reference_url https://usn.ubuntu.com/5006-1/
reference_id USN-5006-1
reference_type
scores
url https://usn.ubuntu.com/5006-1/
10
reference_url https://usn.ubuntu.com/5006-2/
reference_id USN-5006-2
reference_type
scores
url https://usn.ubuntu.com/5006-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.21-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.21-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.21-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21704
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8kna-v21h-qfb5
18
url VCID-99r7-s4va-3kes
vulnerability_id VCID-99r7-s4va-3kes
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21705.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21705.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21705
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.5263
published_at 2026-04-01T12:55:00Z
1
value 0.00294
scoring_system epss
scoring_elements 0.52755
published_at 2026-04-21T12:55:00Z
2
value 0.00294
scoring_system epss
scoring_elements 0.52765
published_at 2026-04-16T12:55:00Z
3
value 0.00294
scoring_system epss
scoring_elements 0.52772
published_at 2026-04-18T12:55:00Z
4
value 0.00294
scoring_system epss
scoring_elements 0.52673
published_at 2026-04-02T12:55:00Z
5
value 0.00294
scoring_system epss
scoring_elements 0.527
published_at 2026-04-04T12:55:00Z
6
value 0.00294
scoring_system epss
scoring_elements 0.52664
published_at 2026-04-07T12:55:00Z
7
value 0.00294
scoring_system epss
scoring_elements 0.52715
published_at 2026-04-08T12:55:00Z
8
value 0.00294
scoring_system epss
scoring_elements 0.52709
published_at 2026-04-09T12:55:00Z
9
value 0.00294
scoring_system epss
scoring_elements 0.52759
published_at 2026-04-11T12:55:00Z
10
value 0.00294
scoring_system epss
scoring_elements 0.52742
published_at 2026-04-12T12:55:00Z
11
value 0.00294
scoring_system epss
scoring_elements 0.52726
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21705
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1978755
reference_id 1978755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1978755
6
reference_url https://security.archlinux.org/ASA-202107-15
reference_id ASA-202107-15
reference_type
scores
url https://security.archlinux.org/ASA-202107-15
7
reference_url https://security.archlinux.org/AVG-2132
reference_id AVG-2132
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2132
8
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
9
reference_url https://access.redhat.com/errata/RHSA-2021:2992
reference_id RHSA-2021:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2992
10
reference_url https://access.redhat.com/errata/RHSA-2022:1935
reference_id RHSA-2022:1935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1935
11
reference_url https://usn.ubuntu.com/5006-1/
reference_id USN-5006-1
reference_type
scores
url https://usn.ubuntu.com/5006-1/
12
reference_url https://usn.ubuntu.com/5006-2/
reference_id USN-5006-2
reference_type
scores
url https://usn.ubuntu.com/5006-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.21-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.21-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.21-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21705
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-99r7-s4va-3kes
19
url VCID-9byf-ymwr-eug8
vulnerability_id VCID-9byf-ymwr-eug8
summary php: Single byte overread with convert.quoted-printable-decode filter
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11233.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11233.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11233
reference_id
reference_type
scores
0
value 0.00728
scoring_system epss
scoring_elements 0.72667
published_at 2026-04-21T12:55:00Z
1
value 0.00728
scoring_system epss
scoring_elements 0.72623
published_at 2026-04-13T12:55:00Z
2
value 0.00728
scoring_system epss
scoring_elements 0.72665
published_at 2026-04-16T12:55:00Z
3
value 0.00728
scoring_system epss
scoring_elements 0.72676
published_at 2026-04-18T12:55:00Z
4
value 0.00728
scoring_system epss
scoring_elements 0.72584
published_at 2026-04-02T12:55:00Z
5
value 0.00728
scoring_system epss
scoring_elements 0.726
published_at 2026-04-04T12:55:00Z
6
value 0.00728
scoring_system epss
scoring_elements 0.72577
published_at 2026-04-07T12:55:00Z
7
value 0.00728
scoring_system epss
scoring_elements 0.72615
published_at 2026-04-08T12:55:00Z
8
value 0.00728
scoring_system epss
scoring_elements 0.72627
published_at 2026-04-09T12:55:00Z
9
value 0.00728
scoring_system epss
scoring_elements 0.72651
published_at 2026-04-11T12:55:00Z
10
value 0.00728
scoring_system epss
scoring_elements 0.72633
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11233
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11233
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
reference_id 1088688
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328521
reference_id 2328521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328521
6
reference_url https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43
reference_id GHSA-r977-prxv-hc43
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-24T12:32:59Z/
url https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43
7
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
8
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
9
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
12
reference_url https://usn.ubuntu.com/7157-1/
reference_id USN-7157-1
reference_type
scores
url https://usn.ubuntu.com/7157-1/
13
reference_url https://usn.ubuntu.com/7157-3/
reference_id USN-7157-3
reference_type
scores
url https://usn.ubuntu.com/7157-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u7%3Fdistro=bullseye
aliases CVE-2024-11233
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9byf-ymwr-eug8
20
url VCID-9p3x-8hp1-2bge
vulnerability_id VCID-9p3x-8hp1-2bge
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0568.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0568.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0568
reference_id
reference_type
scores
0
value 0.00188
scoring_system epss
scoring_elements 0.40635
published_at 2026-04-02T12:55:00Z
1
value 0.00188
scoring_system epss
scoring_elements 0.40546
published_at 2026-04-21T12:55:00Z
2
value 0.00188
scoring_system epss
scoring_elements 0.40644
published_at 2026-04-09T12:55:00Z
3
value 0.00188
scoring_system epss
scoring_elements 0.40625
published_at 2026-04-12T12:55:00Z
4
value 0.00188
scoring_system epss
scoring_elements 0.40606
published_at 2026-04-13T12:55:00Z
5
value 0.00188
scoring_system epss
scoring_elements 0.40653
published_at 2026-04-16T12:55:00Z
6
value 0.00188
scoring_system epss
scoring_elements 0.40622
published_at 2026-04-18T12:55:00Z
7
value 0.00188
scoring_system epss
scoring_elements 0.40662
published_at 2026-04-11T12:55:00Z
8
value 0.00188
scoring_system epss
scoring_elements 0.40584
published_at 2026-04-07T12:55:00Z
9
value 0.00188
scoring_system epss
scoring_elements 0.40634
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0568
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368
reference_id 1031368
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170770
reference_id 2170770
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170770
9
reference_url https://bugs.php.net/bug.php?id=81746
reference_id bug.php?id=81746
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:56:58Z/
url https://bugs.php.net/bug.php?id=81746
10
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
11
reference_url https://security.netapp.com/advisory/ntap-20230517-0001/
reference_id ntap-20230517-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:56:58Z/
url https://security.netapp.com/advisory/ntap-20230517-0001/
12
reference_url https://access.redhat.com/errata/RHSA-2023:5926
reference_id RHSA-2023:5926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5926
13
reference_url https://access.redhat.com/errata/RHSA-2023:5927
reference_id RHSA-2023:5927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5927
14
reference_url https://access.redhat.com/errata/RHSA-2024:0387
reference_id RHSA-2024:0387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0387
15
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
16
reference_url https://usn.ubuntu.com/5902-1/
reference_id USN-5902-1
reference_type
scores
url https://usn.ubuntu.com/5902-1/
17
reference_url https://usn.ubuntu.com/5905-1/
reference_id USN-5905-1
reference_type
scores
url https://usn.ubuntu.com/5905-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u3%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2023-0568
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9p3x-8hp1-2bge
21
url VCID-a21g-6nbb-fbb1
vulnerability_id VCID-a21g-6nbb-fbb1
summary php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3247.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3247.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3247
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46067
published_at 2026-04-02T12:55:00Z
1
value 0.00232
scoring_system epss
scoring_elements 0.4609
published_at 2026-04-21T12:55:00Z
2
value 0.00232
scoring_system epss
scoring_elements 0.46094
published_at 2026-04-13T12:55:00Z
3
value 0.00232
scoring_system epss
scoring_elements 0.46149
published_at 2026-04-16T12:55:00Z
4
value 0.00232
scoring_system epss
scoring_elements 0.46145
published_at 2026-04-18T12:55:00Z
5
value 0.00232
scoring_system epss
scoring_elements 0.46089
published_at 2026-04-09T12:55:00Z
6
value 0.00232
scoring_system epss
scoring_elements 0.46036
published_at 2026-04-07T12:55:00Z
7
value 0.00232
scoring_system epss
scoring_elements 0.46092
published_at 2026-04-08T12:55:00Z
8
value 0.00232
scoring_system epss
scoring_elements 0.46113
published_at 2026-04-11T12:55:00Z
9
value 0.00232
scoring_system epss
scoring_elements 0.46085
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3247
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3247
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3247
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219290
reference_id 2219290
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219290
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw
reference_id GHSA-76gg-c692-v2mw
reference_type
scores
0
value 2.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T19:41:48Z/
url https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw
6
reference_url https://access.redhat.com/errata/RHSA-2023:5926
reference_id RHSA-2023:5926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5926
7
reference_url https://access.redhat.com/errata/RHSA-2023:5927
reference_id RHSA-2023:5927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5927
8
reference_url https://access.redhat.com/errata/RHSA-2024:0387
reference_id RHSA-2024:0387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0387
9
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
10
reference_url https://usn.ubuntu.com/6199-1/
reference_id USN-6199-1
reference_type
scores
url https://usn.ubuntu.com/6199-1/
11
reference_url https://usn.ubuntu.com/6199-2/
reference_id USN-6199-2
reference_type
scores
url https://usn.ubuntu.com/6199-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u4%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2023-3247
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a21g-6nbb-fbb1
22
url VCID-araj-st9q-3keq
vulnerability_id VCID-araj-st9q-3keq
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7069.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7069.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7069
reference_id
reference_type
scores
0
value 0.08351
scoring_system epss
scoring_elements 0.9226
published_at 2026-04-01T12:55:00Z
1
value 0.08351
scoring_system epss
scoring_elements 0.92267
published_at 2026-04-02T12:55:00Z
2
value 0.08351
scoring_system epss
scoring_elements 0.92273
published_at 2026-04-04T12:55:00Z
3
value 0.08351
scoring_system epss
scoring_elements 0.92275
published_at 2026-04-07T12:55:00Z
4
value 0.08351
scoring_system epss
scoring_elements 0.92287
published_at 2026-04-08T12:55:00Z
5
value 0.08351
scoring_system epss
scoring_elements 0.92291
published_at 2026-04-09T12:55:00Z
6
value 0.08351
scoring_system epss
scoring_elements 0.92296
published_at 2026-04-13T12:55:00Z
7
value 0.08351
scoring_system epss
scoring_elements 0.92297
published_at 2026-04-12T12:55:00Z
8
value 0.08351
scoring_system epss
scoring_elements 0.92308
published_at 2026-04-21T12:55:00Z
9
value 0.08351
scoring_system epss
scoring_elements 0.92307
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7069
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1885735
reference_id 1885735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1885735
9
reference_url https://security.gentoo.org/glsa/202012-16
reference_id GLSA-202012-16
reference_type
scores
url https://security.gentoo.org/glsa/202012-16
10
reference_url https://access.redhat.com/errata/RHSA-2021:2992
reference_id RHSA-2021:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2992
11
reference_url https://access.redhat.com/errata/RHSA-2021:4213
reference_id RHSA-2021:4213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4213
12
reference_url https://usn.ubuntu.com/4583-1/
reference_id USN-4583-1
reference_type
scores
url https://usn.ubuntu.com/4583-1/
13
reference_url https://usn.ubuntu.com/4583-2/
reference_id USN-4583-2
reference_type
scores
url https://usn.ubuntu.com/4583-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.11-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.11-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.11-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7069
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-araj-st9q-3keq
23
url VCID-b3v5-hed2-wqeb
vulnerability_id VCID-b3v5-hed2-wqeb
summary Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31628.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31628.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31628
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02533
published_at 2026-04-21T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.1341
published_at 2026-04-07T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13491
published_at 2026-04-08T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13613
published_at 2026-04-04T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13551
published_at 2026-04-02T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.13341
published_at 2026-04-18T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13342
published_at 2026-04-16T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13431
published_at 2026-04-13T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13477
published_at 2026-04-12T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13514
published_at 2026-04-11T12:55:00Z
10
value 0.00044
scoring_system epss
scoring_elements 0.1354
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31628
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2133688
reference_id 2133688
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2133688
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/
reference_id 2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/
9
reference_url https://bugs.php.net/bug.php?id=81726
reference_id bug.php?id=81726
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://bugs.php.net/bug.php?id=81726
10
reference_url https://www.debian.org/security/2022/dsa-5277
reference_id dsa-5277
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://www.debian.org/security/2022/dsa-5277
11
reference_url https://security.gentoo.org/glsa/202211-03
reference_id GLSA-202211-03
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://security.gentoo.org/glsa/202211-03
12
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html
13
reference_url https://security.netapp.com/advisory/ntap-20221209-0001/
reference_id ntap-20221209-0001
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://security.netapp.com/advisory/ntap-20221209-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
15
reference_url https://access.redhat.com/errata/RHSA-2023:0965
reference_id RHSA-2023:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0965
16
reference_url https://access.redhat.com/errata/RHSA-2023:2417
reference_id RHSA-2023:2417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2417
17
reference_url https://access.redhat.com/errata/RHSA-2023:2903
reference_id RHSA-2023:2903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2903
18
reference_url https://usn.ubuntu.com/5717-1/
reference_id USN-5717-1
reference_type
scores
url https://usn.ubuntu.com/5717-1/
19
reference_url https://usn.ubuntu.com/5905-1/
reference_id USN-5905-1
reference_type
scores
url https://usn.ubuntu.com/5905-1/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/
reference_id VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/
reference_id XNIEABBH5XCXLFWWZYIDE457SPEDZTXV
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T20:24:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31628
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3v5-hed2-wqeb
24
url VCID-bf18-3zx5-f7gr
vulnerability_id VCID-bf18-3zx5-f7gr
summary php: Header parser of http stream wrapper does not handle folded headers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1217.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1217
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.2253
published_at 2026-04-04T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22487
published_at 2026-04-02T12:55:00Z
2
value 0.00098
scoring_system epss
scoring_elements 0.27049
published_at 2026-04-08T12:55:00Z
3
value 0.00098
scoring_system epss
scoring_elements 0.27053
published_at 2026-04-12T12:55:00Z
4
value 0.00098
scoring_system epss
scoring_elements 0.26996
published_at 2026-04-13T12:55:00Z
5
value 0.00098
scoring_system epss
scoring_elements 0.27005
published_at 2026-04-16T12:55:00Z
6
value 0.00098
scoring_system epss
scoring_elements 0.26979
published_at 2026-04-18T12:55:00Z
7
value 0.00098
scoring_system epss
scoring_elements 0.2698
published_at 2026-04-07T12:55:00Z
8
value 0.00098
scoring_system epss
scoring_elements 0.27094
published_at 2026-04-09T12:55:00Z
9
value 0.00098
scoring_system epss
scoring_elements 0.27097
published_at 2026-04-11T12:55:00Z
10
value 0.00203
scoring_system epss
scoring_elements 0.42347
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1217
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1217
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2355917
reference_id 2355917
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2355917
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g
reference_id GHSA-v8xr-gpvj-cx9g
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:A
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:23:16Z/
url https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g
6
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
7
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
8
reference_url https://access.redhat.com/errata/RHSA-2025:7418
reference_id RHSA-2025:7418
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7418
9
reference_url https://access.redhat.com/errata/RHSA-2025:7431
reference_id RHSA-2025:7431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7431
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2025:7489
reference_id RHSA-2025:7489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7489
12
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
13
reference_url https://usn.ubuntu.com/7400-1/
reference_id USN-7400-1
reference_type
scores
url https://usn.ubuntu.com/7400-1/
14
reference_url https://usn.ubuntu.com/7645-1/
reference_id USN-7645-1
reference_type
scores
url https://usn.ubuntu.com/7645-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u8%3Fdistro=bullseye
aliases CVE-2025-1217
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bf18-3zx5-f7gr
25
url VCID-buvz-8rkh-8kak
vulnerability_id VCID-buvz-8rkh-8kak
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21708.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21708
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44373
published_at 2026-04-21T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.44453
published_at 2026-04-16T12:55:00Z
2
value 0.00218
scoring_system epss
scoring_elements 0.44444
published_at 2026-04-18T12:55:00Z
3
value 0.0026
scoring_system epss
scoring_elements 0.49347
published_at 2026-04-12T12:55:00Z
4
value 0.0026
scoring_system epss
scoring_elements 0.49349
published_at 2026-04-13T12:55:00Z
5
value 0.0026
scoring_system epss
scoring_elements 0.49374
published_at 2026-04-11T12:55:00Z
6
value 0.00267
scoring_system epss
scoring_elements 0.50217
published_at 2026-04-08T12:55:00Z
7
value 0.00267
scoring_system epss
scoring_elements 0.5021
published_at 2026-04-09T12:55:00Z
8
value 0.00267
scoring_system epss
scoring_elements 0.5014
published_at 2026-04-01T12:55:00Z
9
value 0.00267
scoring_system epss
scoring_elements 0.50185
published_at 2026-04-02T12:55:00Z
10
value 0.00267
scoring_system epss
scoring_elements 0.50213
published_at 2026-04-04T12:55:00Z
11
value 0.00267
scoring_system epss
scoring_elements 0.50163
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2055879
reference_id 2055879
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2055879
6
reference_url https://security.archlinux.org/AVG-2695
reference_id AVG-2695
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2695
7
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
8
reference_url https://access.redhat.com/errata/RHSA-2022:7624
reference_id RHSA-2022:7624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7624
9
reference_url https://access.redhat.com/errata/RHSA-2022:7628
reference_id RHSA-2022:7628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7628
10
reference_url https://access.redhat.com/errata/RHSA-2022:8197
reference_id RHSA-2022:8197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8197
11
reference_url https://access.redhat.com/errata/RHSA-2025:3016
reference_id RHSA-2025:3016
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3016
12
reference_url https://access.redhat.com/errata/RHSA-2025:3076
reference_id RHSA-2025:3076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3076
13
reference_url https://usn.ubuntu.com/5303-1/
reference_id USN-5303-1
reference_type
scores
url https://usn.ubuntu.com/5303-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.28-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.28-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.28-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21708
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-buvz-8rkh-8kak
26
url VCID-c524-3my9-n7d3
vulnerability_id VCID-c524-3my9-n7d3
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31625.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31625.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31625
reference_id
reference_type
scores
0
value 0.00766
scoring_system epss
scoring_elements 0.73493
published_at 2026-04-21T12:55:00Z
1
value 0.00766
scoring_system epss
scoring_elements 0.73491
published_at 2026-04-16T12:55:00Z
2
value 0.00766
scoring_system epss
scoring_elements 0.735
published_at 2026-04-18T12:55:00Z
3
value 0.00766
scoring_system epss
scoring_elements 0.73408
published_at 2026-04-02T12:55:00Z
4
value 0.00766
scoring_system epss
scoring_elements 0.73431
published_at 2026-04-04T12:55:00Z
5
value 0.00766
scoring_system epss
scoring_elements 0.73403
published_at 2026-04-07T12:55:00Z
6
value 0.00766
scoring_system epss
scoring_elements 0.7344
published_at 2026-04-08T12:55:00Z
7
value 0.00766
scoring_system epss
scoring_elements 0.73453
published_at 2026-04-09T12:55:00Z
8
value 0.00766
scoring_system epss
scoring_elements 0.73476
published_at 2026-04-11T12:55:00Z
9
value 0.00766
scoring_system epss
scoring_elements 0.73457
published_at 2026-04-12T12:55:00Z
10
value 0.00766
scoring_system epss
scoring_elements 0.73449
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31625
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2098521
reference_id 2098521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2098521
6
reference_url https://security.archlinux.org/AVG-2768
reference_id AVG-2768
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2768
7
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
8
reference_url https://access.redhat.com/errata/RHSA-2022:5491
reference_id RHSA-2022:5491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5491
9
reference_url https://access.redhat.com/errata/RHSA-2022:6158
reference_id RHSA-2022:6158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6158
10
reference_url https://access.redhat.com/errata/RHSA-2022:7624
reference_id RHSA-2022:7624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7624
11
reference_url https://access.redhat.com/errata/RHSA-2022:8197
reference_id RHSA-2022:8197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8197
12
reference_url https://usn.ubuntu.com/5479-1/
reference_id USN-5479-1
reference_type
scores
url https://usn.ubuntu.com/5479-1/
13
reference_url https://usn.ubuntu.com/5479-2/
reference_id USN-5479-2
reference_type
scores
url https://usn.ubuntu.com/5479-2/
14
reference_url https://usn.ubuntu.com/5479-3/
reference_id USN-5479-3
reference_type
scores
url https://usn.ubuntu.com/5479-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.30-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.30-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.30-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31625
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c524-3my9-n7d3
27
url VCID-dmvz-493v-mfdr
vulnerability_id VCID-dmvz-493v-mfdr
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3096.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3096.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3096
reference_id
reference_type
scores
0
value 0.01069
scoring_system epss
scoring_elements 0.77753
published_at 2026-04-21T12:55:00Z
1
value 0.01069
scoring_system epss
scoring_elements 0.77697
published_at 2026-04-04T12:55:00Z
2
value 0.01069
scoring_system epss
scoring_elements 0.7768
published_at 2026-04-07T12:55:00Z
3
value 0.01069
scoring_system epss
scoring_elements 0.77708
published_at 2026-04-08T12:55:00Z
4
value 0.01069
scoring_system epss
scoring_elements 0.77713
published_at 2026-04-09T12:55:00Z
5
value 0.01069
scoring_system epss
scoring_elements 0.77739
published_at 2026-04-11T12:55:00Z
6
value 0.01069
scoring_system epss
scoring_elements 0.77724
published_at 2026-04-12T12:55:00Z
7
value 0.01069
scoring_system epss
scoring_elements 0.77723
published_at 2026-04-13T12:55:00Z
8
value 0.01069
scoring_system epss
scoring_elements 0.7776
published_at 2026-04-16T12:55:00Z
9
value 0.01069
scoring_system epss
scoring_elements 0.77759
published_at 2026-04-18T12:55:00Z
10
value 0.01069
scoring_system epss
scoring_elements 0.7767
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3096
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url http://www.openwall.com/lists/oss-security/2024/04/12/11
reference_id 11
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/
url http://www.openwall.com/lists/oss-security/2024/04/12/11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2275061
reference_id 2275061
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2275061
9
reference_url https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr
reference_id GHSA-h746-cjrr-wfmr
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/
url https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr
10
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
11
reference_url https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/
url https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html
12
reference_url https://security.netapp.com/advisory/ntap-20240510-0010/
reference_id ntap-20240510-0010
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/
url https://security.netapp.com/advisory/ntap-20240510-0010/
13
reference_url https://access.redhat.com/errata/RHSA-2024:10949
reference_id RHSA-2024:10949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10949
14
reference_url https://access.redhat.com/errata/RHSA-2024:10950
reference_id RHSA-2024:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10950
15
reference_url https://access.redhat.com/errata/RHSA-2024:10951
reference_id RHSA-2024:10951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10951
16
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
17
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
18
reference_url https://usn.ubuntu.com/6757-1/
reference_id USN-6757-1
reference_type
scores
url https://usn.ubuntu.com/6757-1/
19
reference_url https://usn.ubuntu.com/6757-2/
reference_id USN-6757-2
reference_type
scores
url https://usn.ubuntu.com/6757-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-3096
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmvz-493v-mfdr
28
url VCID-dqb9-fgsz-rycp
vulnerability_id VCID-dqb9-fgsz-rycp
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2756.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2756.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2756
reference_id
reference_type
scores
0
value 0.07745
scoring_system epss
scoring_elements 0.91955
published_at 2026-04-21T12:55:00Z
1
value 0.07745
scoring_system epss
scoring_elements 0.91917
published_at 2026-04-04T12:55:00Z
2
value 0.07745
scoring_system epss
scoring_elements 0.91923
published_at 2026-04-07T12:55:00Z
3
value 0.07745
scoring_system epss
scoring_elements 0.91936
published_at 2026-04-08T12:55:00Z
4
value 0.07745
scoring_system epss
scoring_elements 0.91942
published_at 2026-04-09T12:55:00Z
5
value 0.07745
scoring_system epss
scoring_elements 0.91945
published_at 2026-04-11T12:55:00Z
6
value 0.07745
scoring_system epss
scoring_elements 0.91944
published_at 2026-04-12T12:55:00Z
7
value 0.07745
scoring_system epss
scoring_elements 0.91941
published_at 2026-04-13T12:55:00Z
8
value 0.07745
scoring_system epss
scoring_elements 0.9196
published_at 2026-04-16T12:55:00Z
9
value 0.07745
scoring_system epss
scoring_elements 0.91957
published_at 2026-04-18T12:55:00Z
10
value 0.07745
scoring_system epss
scoring_elements 0.91909
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2756
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url http://www.openwall.com/lists/oss-security/2024/04/12/11
reference_id 11
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/
url http://www.openwall.com/lists/oss-security/2024/04/12/11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2275058
reference_id 2275058
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2275058
9
reference_url https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4
reference_id GHSA-wpj3-hf5j-x4v4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/
url https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4
10
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
11
reference_url https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/
url https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html
12
reference_url https://security.netapp.com/advisory/ntap-20240510-0008/
reference_id ntap-20240510-0008
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/
url https://security.netapp.com/advisory/ntap-20240510-0008/
13
reference_url https://access.redhat.com/errata/RHSA-2024:10949
reference_id RHSA-2024:10949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10949
14
reference_url https://access.redhat.com/errata/RHSA-2024:10950
reference_id RHSA-2024:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10950
15
reference_url https://access.redhat.com/errata/RHSA-2024:10951
reference_id RHSA-2024:10951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10951
16
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
17
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
18
reference_url https://usn.ubuntu.com/6757-1/
reference_id USN-6757-1
reference_type
scores
url https://usn.ubuntu.com/6757-1/
19
reference_url https://usn.ubuntu.com/6757-2/
reference_id USN-6757-2
reference_type
scores
url https://usn.ubuntu.com/6757-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-2756
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqb9-fgsz-rycp
29
url VCID-e16f-4ynx-fqb9
vulnerability_id VCID-e16f-4ynx-fqb9
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5458.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5458
reference_id
reference_type
scores
0
value 0.03579
scoring_system epss
scoring_elements 0.87752
published_at 2026-04-21T12:55:00Z
1
value 0.03579
scoring_system epss
scoring_elements 0.87695
published_at 2026-04-02T12:55:00Z
2
value 0.03579
scoring_system epss
scoring_elements 0.87707
published_at 2026-04-04T12:55:00Z
3
value 0.03579
scoring_system epss
scoring_elements 0.87709
published_at 2026-04-07T12:55:00Z
4
value 0.03579
scoring_system epss
scoring_elements 0.8773
published_at 2026-04-08T12:55:00Z
5
value 0.03579
scoring_system epss
scoring_elements 0.87736
published_at 2026-04-09T12:55:00Z
6
value 0.03579
scoring_system epss
scoring_elements 0.87747
published_at 2026-04-11T12:55:00Z
7
value 0.03579
scoring_system epss
scoring_elements 0.87741
published_at 2026-04-12T12:55:00Z
8
value 0.03579
scoring_system epss
scoring_elements 0.87739
published_at 2026-04-13T12:55:00Z
9
value 0.03579
scoring_system epss
scoring_elements 0.87753
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5458
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.openwall.com/lists/oss-security/2024/06/07/1
reference_id 1
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/
url http://www.openwall.com/lists/oss-security/2024/06/07/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072885
reference_id 1072885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072885
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2291252
reference_id 2291252
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2291252
7
reference_url https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w
reference_id GHSA-w8qr-v226-r27w
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/
url https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w
8
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
9
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html
reference_id msg00009.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html
10
reference_url https://security.netapp.com/advisory/ntap-20240726-0001/
reference_id ntap-20240726-0001
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/
url https://security.netapp.com/advisory/ntap-20240726-0001/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
reference_id PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
12
reference_url https://access.redhat.com/errata/RHSA-2024:10949
reference_id RHSA-2024:10949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10949
13
reference_url https://access.redhat.com/errata/RHSA-2024:10950
reference_id RHSA-2024:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10950
14
reference_url https://access.redhat.com/errata/RHSA-2024:10951
reference_id RHSA-2024:10951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10951
15
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
16
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
17
reference_url https://usn.ubuntu.com/6841-1/
reference_id USN-6841-1
reference_type
scores
url https://usn.ubuntu.com/6841-1/
18
reference_url https://usn.ubuntu.com/6841-2/
reference_id USN-6841-2
reference_type
scores
url https://usn.ubuntu.com/6841-2/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
reference_id W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u6%3Fdistro=bullseye
aliases CVE-2024-5458
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e16f-4ynx-fqb9
30
url VCID-es75-j9rx-zbe5
vulnerability_id VCID-es75-j9rx-zbe5
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7067.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7067.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7067
reference_id
reference_type
scores
0
value 0.09983
scoring_system epss
scoring_elements 0.93018
published_at 2026-04-01T12:55:00Z
1
value 0.09983
scoring_system epss
scoring_elements 0.93027
published_at 2026-04-02T12:55:00Z
2
value 0.09983
scoring_system epss
scoring_elements 0.93031
published_at 2026-04-07T12:55:00Z
3
value 0.09983
scoring_system epss
scoring_elements 0.93039
published_at 2026-04-08T12:55:00Z
4
value 0.09983
scoring_system epss
scoring_elements 0.93043
published_at 2026-04-09T12:55:00Z
5
value 0.09983
scoring_system epss
scoring_elements 0.93048
published_at 2026-04-11T12:55:00Z
6
value 0.09983
scoring_system epss
scoring_elements 0.93046
published_at 2026-04-12T12:55:00Z
7
value 0.09983
scoring_system epss
scoring_elements 0.93047
published_at 2026-04-13T12:55:00Z
8
value 0.09983
scoring_system epss
scoring_elements 0.93058
published_at 2026-04-16T12:55:00Z
9
value 0.09983
scoring_system epss
scoring_elements 0.93061
published_at 2026-04-18T12:55:00Z
10
value 0.09983
scoring_system epss
scoring_elements 0.93067
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7067
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1827653
reference_id 1827653
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1827653
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.5-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7067
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-es75-j9rx-zbe5
31
url VCID-ewbq-2gm8-tyf5
vulnerability_id VCID-ewbq-2gm8-tyf5
summary 
Buffer overflow in sponge queue functions
### Impact

The Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more.

### Patches

Yes, see commit [fdc6fef0](https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a).

### Workarounds

The problem can be avoided by limiting the size of the partial input data (or partial output digest) below 2^32 - 200 bytes. Multiple calls to the queue system can be chained at a higher level to retain the original functionality. Alternatively, one can process the entire input (or produce the entire output) at once, avoiding the queuing functions altogether.

### References

See [issue #105](https://github.com/XKCP/XKCP/issues/105) for more details.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37454
reference_id
reference_type
scores
0
value 0.01329
scoring_system epss
scoring_elements 0.79903
published_at 2026-04-07T12:55:00Z
1
value 0.01329
scoring_system epss
scoring_elements 0.79894
published_at 2026-04-02T12:55:00Z
2
value 0.01329
scoring_system epss
scoring_elements 0.79915
published_at 2026-04-04T12:55:00Z
3
value 0.01329
scoring_system epss
scoring_elements 0.79935
published_at 2026-04-13T12:55:00Z
4
value 0.01329
scoring_system epss
scoring_elements 0.79943
published_at 2026-04-12T12:55:00Z
5
value 0.01329
scoring_system epss
scoring_elements 0.7996
published_at 2026-04-11T12:55:00Z
6
value 0.01329
scoring_system epss
scoring_elements 0.7994
published_at 2026-04-09T12:55:00Z
7
value 0.01329
scoring_system epss
scoring_elements 0.79931
published_at 2026-04-08T12:55:00Z
8
value 0.014
scoring_system epss
scoring_elements 0.80444
published_at 2026-04-16T12:55:00Z
9
value 0.014
scoring_system epss
scoring_elements 0.80449
published_at 2026-04-21T12:55:00Z
10
value 0.014
scoring_system epss
scoring_elements 0.80446
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37454
2
reference_url https://csrc.nist.gov/projects/hash-functions/sha-3-project
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://csrc.nist.gov/projects/hash-functions/sha-3-project
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
7
reference_url https://eprint.iacr.org/2023/331
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://eprint.iacr.org/2023/331
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312
10
reference_url https://github.com/johanns/sha3/issues/17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/johanns/sha3/issues/17
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml
12
reference_url https://github.com/tiran/pysha3/issues/29
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tiran/pysha3/issues/29
13
reference_url https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
14
reference_url https://github.com/XKCP/XKCP/issues/105
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/XKCP/XKCP/issues/105
15
reference_url https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658
16
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html
17
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
26
reference_url https://mouha.be/sha-3-buffer-overflow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://mouha.be/sha-3-buffer-overflow
27
reference_url https://mouha.be/sha-3-buffer-overflow/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://mouha.be/sha-3-buffer-overflow/
28
reference_url https://news.ycombinator.com/item?id=33281106
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://news.ycombinator.com/item?id=33281106
29
reference_url https://news.ycombinator.com/item?id=35050307
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://news.ycombinator.com/item?id=35050307
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-37454
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-37454
31
reference_url https://security.gentoo.org/glsa/202305-02
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://security.gentoo.org/glsa/202305-02
32
reference_url https://www.debian.org/security/2022/dsa-5267
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://www.debian.org/security/2022/dsa-5267
33
reference_url https://www.debian.org/security/2022/dsa-5269
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://www.debian.org/security/2022/dsa-5269
34
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030
reference_id 1023030
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140200
reference_id 2140200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140200
36
reference_url https://github.com/advisories/GHSA-6w4m-2xhg-2658
reference_id GHSA-6w4m-2xhg-2658
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6w4m-2xhg-2658
37
reference_url https://security.gentoo.org/glsa/202211-03
reference_id GLSA-202211-03
reference_type
scores
url https://security.gentoo.org/glsa/202211-03
38
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
39
reference_url https://access.redhat.com/errata/RHSA-2023:0965
reference_id RHSA-2023:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0965
40
reference_url https://access.redhat.com/errata/RHSA-2023:2417
reference_id RHSA-2023:2417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2417
41
reference_url https://access.redhat.com/errata/RHSA-2023:2903
reference_id RHSA-2023:2903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2903
42
reference_url https://usn.ubuntu.com/5717-1/
reference_id USN-5717-1
reference_type
scores
url https://usn.ubuntu.com/5717-1/
43
reference_url https://usn.ubuntu.com/5767-1/
reference_id USN-5767-1
reference_type
scores
url https://usn.ubuntu.com/5767-1/
44
reference_url https://usn.ubuntu.com/5767-3/
reference_id USN-5767-3
reference_type
scores
url https://usn.ubuntu.com/5767-3/
45
reference_url https://usn.ubuntu.com/5888-1/
reference_id USN-5888-1
reference_type
scores
url https://usn.ubuntu.com/5888-1/
46
reference_url https://usn.ubuntu.com/5930-1/
reference_id USN-5930-1
reference_type
scores
url https://usn.ubuntu.com/5930-1/
47
reference_url https://usn.ubuntu.com/5931-1/
reference_id USN-5931-1
reference_type
scores
url https://usn.ubuntu.com/5931-1/
48
reference_url https://usn.ubuntu.com/6524-1/
reference_id USN-6524-1
reference_type
scores
url https://usn.ubuntu.com/6524-1/
49
reference_url https://usn.ubuntu.com/6525-1/
reference_id USN-6525-1
reference_type
scores
url https://usn.ubuntu.com/6525-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-37454, GHSA-6w4m-2xhg-2658
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewbq-2gm8-tyf5
32
url VCID-f3vu-gjgg-zbgr
vulnerability_id VCID-f3vu-gjgg-zbgr
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21702.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21702.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21702
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50548
published_at 2026-04-01T12:55:00Z
1
value 0.00272
scoring_system epss
scoring_elements 0.50664
published_at 2026-04-21T12:55:00Z
2
value 0.00272
scoring_system epss
scoring_elements 0.50678
published_at 2026-04-16T12:55:00Z
3
value 0.00272
scoring_system epss
scoring_elements 0.50684
published_at 2026-04-18T12:55:00Z
4
value 0.00272
scoring_system epss
scoring_elements 0.506
published_at 2026-04-02T12:55:00Z
5
value 0.00272
scoring_system epss
scoring_elements 0.50628
published_at 2026-04-04T12:55:00Z
6
value 0.00272
scoring_system epss
scoring_elements 0.50581
published_at 2026-04-07T12:55:00Z
7
value 0.00272
scoring_system epss
scoring_elements 0.50636
published_at 2026-04-13T12:55:00Z
8
value 0.00272
scoring_system epss
scoring_elements 0.50632
published_at 2026-04-09T12:55:00Z
9
value 0.00272
scoring_system epss
scoring_elements 0.50674
published_at 2026-04-11T12:55:00Z
10
value 0.00272
scoring_system epss
scoring_elements 0.50652
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21702
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925272
reference_id 1925272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1925272
9
reference_url https://security.archlinux.org/ASA-202102-15
reference_id ASA-202102-15
reference_type
scores
url https://security.archlinux.org/ASA-202102-15
10
reference_url https://security.archlinux.org/AVG-1531
reference_id AVG-1531
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1531
11
reference_url https://security.gentoo.org/glsa/202105-23
reference_id GLSA-202105-23
reference_type
scores
url https://security.gentoo.org/glsa/202105-23
12
reference_url https://access.redhat.com/errata/RHSA-2021:2992
reference_id RHSA-2021:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2992
13
reference_url https://access.redhat.com/errata/RHSA-2021:4213
reference_id RHSA-2021:4213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4213
14
reference_url https://usn.ubuntu.com/5006-1/
reference_id USN-5006-1
reference_type
scores
url https://usn.ubuntu.com/5006-1/
15
reference_url https://usn.ubuntu.com/5006-2/
reference_id USN-5006-2
reference_type
scores
url https://usn.ubuntu.com/5006-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.15-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.15-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.15-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21702
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f3vu-gjgg-zbgr
33
url VCID-fhh6-shuh-v3am
vulnerability_id VCID-fhh6-shuh-v3am
summary php: potential buffer overflow in php_cli_server_startup_workers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4900.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4900.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4900
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20282
published_at 2026-04-02T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20339
published_at 2026-04-04T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20063
published_at 2026-04-07T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20144
published_at 2026-04-08T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20202
published_at 2026-04-09T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20226
published_at 2026-04-11T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20182
published_at 2026-04-12T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20124
published_at 2026-04-13T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20116
published_at 2026-04-16T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20121
published_at 2026-04-18T12:55:00Z
10
value 0.00065
scoring_system epss
scoring_elements 0.2012
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4900
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4900
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179880
reference_id 2179880
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179880
5
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
6
reference_url https://usn.ubuntu.com/6757-1/
reference_id USN-6757-1
reference_type
scores
url https://usn.ubuntu.com/6757-1/
7
reference_url https://usn.ubuntu.com/6757-2/
reference_id USN-6757-2
reference_type
scores
url https://usn.ubuntu.com/6757-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u6%3Fdistro=bullseye
aliases CVE-2022-4900
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhh6-shuh-v3am
34
url VCID-fyhr-st6h-eker
vulnerability_id VCID-fyhr-st6h-eker
summary php: PHP Hostname Null Character Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1220.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1220.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1220
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.1132
published_at 2026-04-04T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11261
published_at 2026-04-02T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15356
published_at 2026-04-07T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15785
published_at 2026-04-21T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15809
published_at 2026-04-13T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15732
published_at 2026-04-16T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15741
published_at 2026-04-18T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15877
published_at 2026-04-12T12:55:00Z
8
value 0.00051
scoring_system epss
scoring_elements 0.1594
published_at 2026-04-09T12:55:00Z
9
value 0.00051
scoring_system epss
scoring_elements 0.15916
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1220
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379792
reference_id 2379792
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379792
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r
reference_id GHSA-3cr5-j632-f35r
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:58:46Z/
url https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r
6
reference_url https://access.redhat.com/errata/RHSA-2025:23309
reference_id RHSA-2025:23309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23309
7
reference_url https://access.redhat.com/errata/RHSA-2026:1409
reference_id RHSA-2026:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1409
8
reference_url https://access.redhat.com/errata/RHSA-2026:1412
reference_id RHSA-2026:1412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1412
9
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
10
reference_url https://usn.ubuntu.com/7648-1/
reference_id USN-7648-1
reference_type
scores
url https://usn.ubuntu.com/7648-1/
11
reference_url https://usn.ubuntu.com/7648-2/
reference_id USN-7648-2
reference_type
scores
url https://usn.ubuntu.com/7648-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye
aliases CVE-2025-1220
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyhr-st6h-eker
35
url VCID-g2sk-sa2j-dkcv
vulnerability_id VCID-g2sk-sa2j-dkcv
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3824.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3824.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3824
reference_id
reference_type
scores
0
value 0.32366
scoring_system epss
scoring_elements 0.96855
published_at 2026-04-21T12:55:00Z
1
value 0.32366
scoring_system epss
scoring_elements 0.96841
published_at 2026-04-12T12:55:00Z
2
value 0.32366
scoring_system epss
scoring_elements 0.96842
published_at 2026-04-13T12:55:00Z
3
value 0.32366
scoring_system epss
scoring_elements 0.96849
published_at 2026-04-16T12:55:00Z
4
value 0.32366
scoring_system epss
scoring_elements 0.96853
published_at 2026-04-18T12:55:00Z
5
value 0.32366
scoring_system epss
scoring_elements 0.96837
published_at 2026-04-08T12:55:00Z
6
value 0.32366
scoring_system epss
scoring_elements 0.96838
published_at 2026-04-09T12:55:00Z
7
value 0.32366
scoring_system epss
scoring_elements 0.9684
published_at 2026-04-11T12:55:00Z
8
value 0.34999
scoring_system epss
scoring_elements 0.97005
published_at 2026-04-02T12:55:00Z
9
value 0.34999
scoring_system epss
scoring_elements 0.97009
published_at 2026-04-04T12:55:00Z
10
value 0.34999
scoring_system epss
scoring_elements 0.9701
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3824
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477
reference_id 1043477
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230101
reference_id 2230101
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230101
9
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
10
reference_url https://access.redhat.com/errata/RHSA-2023:5926
reference_id RHSA-2023:5926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5926
11
reference_url https://access.redhat.com/errata/RHSA-2023:5927
reference_id RHSA-2023:5927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5927
12
reference_url https://access.redhat.com/errata/RHSA-2024:0387
reference_id RHSA-2024:0387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0387
13
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
14
reference_url https://usn.ubuntu.com/6305-1/
reference_id USN-6305-1
reference_type
scores
url https://usn.ubuntu.com/6305-1/
15
reference_url https://usn.ubuntu.com/6305-2/
reference_id USN-6305-2
reference_type
scores
url https://usn.ubuntu.com/6305-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2023-3824
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2sk-sa2j-dkcv
36
url VCID-gu2y-9qzw-8ke4
vulnerability_id VCID-gu2y-9qzw-8ke4
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3823.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3823.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3823
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.56953
published_at 2026-04-02T12:55:00Z
1
value 0.00343
scoring_system epss
scoring_elements 0.56975
published_at 2026-04-04T12:55:00Z
2
value 0.00343
scoring_system epss
scoring_elements 0.5695
published_at 2026-04-07T12:55:00Z
3
value 0.00343
scoring_system epss
scoring_elements 0.57002
published_at 2026-04-08T12:55:00Z
4
value 0.00343
scoring_system epss
scoring_elements 0.57004
published_at 2026-04-09T12:55:00Z
5
value 0.00343
scoring_system epss
scoring_elements 0.57012
published_at 2026-04-11T12:55:00Z
6
value 0.00343
scoring_system epss
scoring_elements 0.56991
published_at 2026-04-12T12:55:00Z
7
value 0.00343
scoring_system epss
scoring_elements 0.56968
published_at 2026-04-13T12:55:00Z
8
value 0.00343
scoring_system epss
scoring_elements 0.56997
published_at 2026-04-16T12:55:00Z
9
value 0.00343
scoring_system epss
scoring_elements 0.56994
published_at 2026-04-18T12:55:00Z
10
value 0.00343
scoring_system epss
scoring_elements 0.5697
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3823
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477
reference_id 1043477
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2229396
reference_id 2229396
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2229396
9
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
10
reference_url https://access.redhat.com/errata/RHSA-2023:5926
reference_id RHSA-2023:5926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5926
11
reference_url https://access.redhat.com/errata/RHSA-2023:5927
reference_id RHSA-2023:5927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5927
12
reference_url https://access.redhat.com/errata/RHSA-2024:0387
reference_id RHSA-2024:0387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0387
13
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
14
reference_url https://usn.ubuntu.com/6305-1/
reference_id USN-6305-1
reference_type
scores
url https://usn.ubuntu.com/6305-1/
15
reference_url https://usn.ubuntu.com/6305-2/
reference_id USN-6305-2
reference_type
scores
url https://usn.ubuntu.com/6305-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2023-3823
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu2y-9qzw-8ke4
37
url VCID-h5jx-kf86-5yej
vulnerability_id VCID-h5jx-kf86-5yej
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7066.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7066.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7066
reference_id
reference_type
scores
0
value 0.01533
scoring_system epss
scoring_elements 0.81258
published_at 2026-04-01T12:55:00Z
1
value 0.01533
scoring_system epss
scoring_elements 0.8136
published_at 2026-04-21T12:55:00Z
2
value 0.01533
scoring_system epss
scoring_elements 0.81329
published_at 2026-04-12T12:55:00Z
3
value 0.01533
scoring_system epss
scoring_elements 0.81321
published_at 2026-04-13T12:55:00Z
4
value 0.01533
scoring_system epss
scoring_elements 0.81358
published_at 2026-04-16T12:55:00Z
5
value 0.01533
scoring_system epss
scoring_elements 0.81361
published_at 2026-04-18T12:55:00Z
6
value 0.01533
scoring_system epss
scoring_elements 0.81267
published_at 2026-04-02T12:55:00Z
7
value 0.01533
scoring_system epss
scoring_elements 0.8129
published_at 2026-04-04T12:55:00Z
8
value 0.01533
scoring_system epss
scoring_elements 0.81288
published_at 2026-04-07T12:55:00Z
9
value 0.01533
scoring_system epss
scoring_elements 0.81317
published_at 2026-04-08T12:55:00Z
10
value 0.01533
scoring_system epss
scoring_elements 0.81322
published_at 2026-04-09T12:55:00Z
11
value 0.01533
scoring_system epss
scoring_elements 0.81342
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7066
3
reference_url https://bugs.php.net/bug.php?id=79329
reference_id
reference_type
scores
url https://bugs.php.net/bug.php?id=79329
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html
13
reference_url https://security.netapp.com/advisory/ntap-20200403-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200403-0001/
14
reference_url https://www.debian.org/security/2020/dsa-4717
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4717
15
reference_url https://www.debian.org/security/2020/dsa-4719
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4719
16
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2021-14
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1820604
reference_id 1820604
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1820604
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:5.19.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:tenable:tenable.sc:5.19.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:5.19.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7066
reference_id CVE-2020-7066
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-7066
26
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
27
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
28
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
29
reference_url https://usn.ubuntu.com/4330-1/
reference_id USN-4330-1
reference_type
scores
url https://usn.ubuntu.com/4330-1/
30
reference_url https://usn.ubuntu.com/4330-2/
reference_id USN-4330-2
reference_type
scores
url https://usn.ubuntu.com/4330-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.5-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7066
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5jx-kf86-5yej
38
url VCID-h7pk-y5gm-kyg7
vulnerability_id VCID-h7pk-y5gm-kyg7
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0567.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0567.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0567
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.1787
published_at 2026-04-02T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.17692
published_at 2026-04-21T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.17712
published_at 2026-04-08T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.17773
published_at 2026-04-09T12:55:00Z
4
value 0.00057
scoring_system epss
scoring_elements 0.17791
published_at 2026-04-11T12:55:00Z
5
value 0.00057
scoring_system epss
scoring_elements 0.17746
published_at 2026-04-12T12:55:00Z
6
value 0.00057
scoring_system epss
scoring_elements 0.17698
published_at 2026-04-13T12:55:00Z
7
value 0.00057
scoring_system epss
scoring_elements 0.17645
published_at 2026-04-16T12:55:00Z
8
value 0.00057
scoring_system epss
scoring_elements 0.17654
published_at 2026-04-18T12:55:00Z
9
value 0.00057
scoring_system epss
scoring_elements 0.17923
published_at 2026-04-04T12:55:00Z
10
value 0.00057
scoring_system epss
scoring_elements 0.17624
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0567
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368
reference_id 1031368
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170771
reference_id 2170771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170771
9
reference_url https://bugs.php.net/bug.php?id=81744
reference_id bug.php?id=81744
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-01T15:34:47Z/
url https://bugs.php.net/bug.php?id=81744
10
reference_url https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
reference_id GHSA-7fj2-8x79-rjf4
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-01T15:34:47Z/
url https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
11
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
12
reference_url https://access.redhat.com/errata/RHSA-2023:5926
reference_id RHSA-2023:5926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5926
13
reference_url https://access.redhat.com/errata/RHSA-2023:5927
reference_id RHSA-2023:5927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5927
14
reference_url https://access.redhat.com/errata/RHSA-2024:0387
reference_id RHSA-2024:0387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0387
15
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
16
reference_url https://usn.ubuntu.com/5902-1/
reference_id USN-5902-1
reference_type
scores
url https://usn.ubuntu.com/5902-1/
17
reference_url https://usn.ubuntu.com/6053-1/
reference_id USN-6053-1
reference_type
scores
url https://usn.ubuntu.com/6053-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u3%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2023-0567
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h7pk-y5gm-kyg7
39
url VCID-hak4-3ww9-aydn
vulnerability_id VCID-hak4-3ww9-aydn
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7059.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7059.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7059
reference_id
reference_type
scores
0
value 0.02373
scoring_system epss
scoring_elements 0.84888
published_at 2026-04-01T12:55:00Z
1
value 0.02373
scoring_system epss
scoring_elements 0.84903
published_at 2026-04-02T12:55:00Z
2
value 0.02373
scoring_system epss
scoring_elements 0.84921
published_at 2026-04-04T12:55:00Z
3
value 0.02373
scoring_system epss
scoring_elements 0.84925
published_at 2026-04-07T12:55:00Z
4
value 0.02373
scoring_system epss
scoring_elements 0.84948
published_at 2026-04-08T12:55:00Z
5
value 0.02373
scoring_system epss
scoring_elements 0.84955
published_at 2026-04-09T12:55:00Z
6
value 0.02373
scoring_system epss
scoring_elements 0.84971
published_at 2026-04-11T12:55:00Z
7
value 0.02373
scoring_system epss
scoring_elements 0.8497
published_at 2026-04-12T12:55:00Z
8
value 0.02373
scoring_system epss
scoring_elements 0.84965
published_at 2026-04-13T12:55:00Z
9
value 0.02373
scoring_system epss
scoring_elements 0.84986
published_at 2026-04-16T12:55:00Z
10
value 0.02373
scoring_system epss
scoring_elements 0.84988
published_at 2026-04-18T12:55:00Z
11
value 0.02373
scoring_system epss
scoring_elements 0.84985
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7059
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1797776
reference_id 1797776
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1797776
10
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
11
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
12
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
13
reference_url https://usn.ubuntu.com/4279-1/
reference_id USN-4279-1
reference_type
scores
url https://usn.ubuntu.com/4279-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.2-7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.2-7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.2-7%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7059
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hak4-3ww9-aydn
40
url VCID-hv57-6hth-6qfj
vulnerability_id VCID-hv57-6hth-6qfj
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7060.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7060.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7060
reference_id
reference_type
scores
0
value 0.06404
scoring_system epss
scoring_elements 0.90985
published_at 2026-04-01T12:55:00Z
1
value 0.06404
scoring_system epss
scoring_elements 0.9099
published_at 2026-04-02T12:55:00Z
2
value 0.06404
scoring_system epss
scoring_elements 0.90999
published_at 2026-04-04T12:55:00Z
3
value 0.06404
scoring_system epss
scoring_elements 0.9101
published_at 2026-04-07T12:55:00Z
4
value 0.06404
scoring_system epss
scoring_elements 0.91022
published_at 2026-04-08T12:55:00Z
5
value 0.06404
scoring_system epss
scoring_elements 0.91028
published_at 2026-04-09T12:55:00Z
6
value 0.06404
scoring_system epss
scoring_elements 0.91036
published_at 2026-04-13T12:55:00Z
7
value 0.06404
scoring_system epss
scoring_elements 0.9106
published_at 2026-04-16T12:55:00Z
8
value 0.06404
scoring_system epss
scoring_elements 0.91058
published_at 2026-04-18T12:55:00Z
9
value 0.06404
scoring_system epss
scoring_elements 0.91061
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7060
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1797779
reference_id 1797779
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1797779
10
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
11
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
12
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
13
reference_url https://usn.ubuntu.com/4279-1/
reference_id USN-4279-1
reference_type
scores
url https://usn.ubuntu.com/4279-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.2-7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.2-7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.2-7%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7060
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hv57-6hth-6qfj
41
url VCID-k9ne-3nu5-xqdv
vulnerability_id VCID-k9ne-3nu5-xqdv
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21703.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21703.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21703
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32825
published_at 2026-04-01T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32811
published_at 2026-04-21T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.3287
published_at 2026-04-16T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32847
published_at 2026-04-18T12:55:00Z
4
value 0.00133
scoring_system epss
scoring_elements 0.32956
published_at 2026-04-02T12:55:00Z
5
value 0.00133
scoring_system epss
scoring_elements 0.32991
published_at 2026-04-04T12:55:00Z
6
value 0.00133
scoring_system epss
scoring_elements 0.32814
published_at 2026-04-07T12:55:00Z
7
value 0.00133
scoring_system epss
scoring_elements 0.32861
published_at 2026-04-08T12:55:00Z
8
value 0.00133
scoring_system epss
scoring_elements 0.3289
published_at 2026-04-09T12:55:00Z
9
value 0.00133
scoring_system epss
scoring_elements 0.32891
published_at 2026-04-11T12:55:00Z
10
value 0.00133
scoring_system epss
scoring_elements 0.32853
published_at 2026-04-12T12:55:00Z
11
value 0.00133
scoring_system epss
scoring_elements 0.32828
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21703
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2016535
reference_id 2016535
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2016535
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997003
reference_id 997003
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997003
6
reference_url https://security.archlinux.org/AVG-2486
reference_id AVG-2486
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2486
7
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
8
reference_url https://access.redhat.com/errata/RHSA-2022:1935
reference_id RHSA-2022:1935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1935
9
reference_url https://access.redhat.com/errata/RHSA-2022:5491
reference_id RHSA-2022:5491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5491
10
reference_url https://usn.ubuntu.com/5125-1/
reference_id USN-5125-1
reference_type
scores
url https://usn.ubuntu.com/5125-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.25-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.25-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.25-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21703
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9ne-3nu5-xqdv
42
url VCID-ky48-2f2t-c7bb
vulnerability_id VCID-ky48-2f2t-c7bb
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7065.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7065.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7065
reference_id
reference_type
scores
0
value 0.05019
scoring_system epss
scoring_elements 0.89687
published_at 2026-04-01T12:55:00Z
1
value 0.05019
scoring_system epss
scoring_elements 0.89741
published_at 2026-04-21T12:55:00Z
2
value 0.05019
scoring_system epss
scoring_elements 0.89737
published_at 2026-04-12T12:55:00Z
3
value 0.05019
scoring_system epss
scoring_elements 0.8973
published_at 2026-04-13T12:55:00Z
4
value 0.05019
scoring_system epss
scoring_elements 0.89746
published_at 2026-04-18T12:55:00Z
5
value 0.05019
scoring_system epss
scoring_elements 0.8969
published_at 2026-04-02T12:55:00Z
6
value 0.05019
scoring_system epss
scoring_elements 0.89705
published_at 2026-04-04T12:55:00Z
7
value 0.05019
scoring_system epss
scoring_elements 0.89707
published_at 2026-04-07T12:55:00Z
8
value 0.05019
scoring_system epss
scoring_elements 0.89725
published_at 2026-04-08T12:55:00Z
9
value 0.05019
scoring_system epss
scoring_elements 0.89731
published_at 2026-04-09T12:55:00Z
10
value 0.05019
scoring_system epss
scoring_elements 0.89738
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7065
2
reference_url https://bugs.php.net/bug.php?id=79371
reference_id
reference_type
scores
url https://bugs.php.net/bug.php?id=79371
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
10
reference_url https://security.netapp.com/advisory/ntap-20200403-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200403-0001/
11
reference_url https://www.debian.org/security/2020/dsa-4719
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4719
12
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuoct2021.html
13
reference_url https://www.php.net/ChangeLog-7.php#7.4.4
reference_id
reference_type
scores
url https://www.php.net/ChangeLog-7.php#7.4.4
14
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2021-14
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1820627
reference_id 1820627
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1820627
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7065
reference_id CVE-2020-7065
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2020-7065
26
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
27
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
28
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
29
reference_url https://usn.ubuntu.com/4330-1/
reference_id USN-4330-1
reference_type
scores
url https://usn.ubuntu.com/4330-1/
30
reference_url https://usn.ubuntu.com/4330-2/
reference_id USN-4330-2
reference_type
scores
url https://usn.ubuntu.com/4330-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.5-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7065
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ky48-2f2t-c7bb
43
url VCID-mtw1-k8na-2udv
vulnerability_id VCID-mtw1-k8na-2udv
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31631.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31631.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31631
reference_id
reference_type
scores
0
value 0.00681
scoring_system epss
scoring_elements 0.71555
published_at 2026-04-02T12:55:00Z
1
value 0.00681
scoring_system epss
scoring_elements 0.71616
published_at 2026-04-21T12:55:00Z
2
value 0.00681
scoring_system epss
scoring_elements 0.71604
published_at 2026-04-12T12:55:00Z
3
value 0.00681
scoring_system epss
scoring_elements 0.7163
published_at 2026-04-16T12:55:00Z
4
value 0.00681
scoring_system epss
scoring_elements 0.71635
published_at 2026-04-18T12:55:00Z
5
value 0.00681
scoring_system epss
scoring_elements 0.71573
published_at 2026-04-04T12:55:00Z
6
value 0.00681
scoring_system epss
scoring_elements 0.71546
published_at 2026-04-07T12:55:00Z
7
value 0.00681
scoring_system epss
scoring_elements 0.71585
published_at 2026-04-13T12:55:00Z
8
value 0.00681
scoring_system epss
scoring_elements 0.71596
published_at 2026-04-09T12:55:00Z
9
value 0.00681
scoring_system epss
scoring_elements 0.71619
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31631
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2158791
reference_id 2158791
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2158791
8
reference_url https://bugs.php.net/bug.php?id=81740
reference_id bug.php?id=81740
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-13T16:06:19Z/
url https://bugs.php.net/bug.php?id=81740
9
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
10
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
11
reference_url https://access.redhat.com/errata/RHSA-2023:0965
reference_id RHSA-2023:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0965
12
reference_url https://access.redhat.com/errata/RHSA-2023:2417
reference_id RHSA-2023:2417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2417
13
reference_url https://access.redhat.com/errata/RHSA-2023:2903
reference_id RHSA-2023:2903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2903
14
reference_url https://usn.ubuntu.com/5818-1/
reference_id USN-5818-1
reference_type
scores
url https://usn.ubuntu.com/5818-1/
15
reference_url https://usn.ubuntu.com/5905-1/
reference_id USN-5905-1
reference_type
scores
url https://usn.ubuntu.com/5905-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u3%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31631
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtw1-k8na-2udv
44
url VCID-nrnn-pgxj-xugg
vulnerability_id VCID-nrnn-pgxj-xugg
summary php: Stream HTTP wrapper truncates redirect location to 1024 bytes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1861.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1861.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1861
reference_id
reference_type
scores
0
value 0.00705
scoring_system epss
scoring_elements 0.72086
published_at 2026-04-04T12:55:00Z
1
value 0.00705
scoring_system epss
scoring_elements 0.72065
published_at 2026-04-02T12:55:00Z
2
value 0.00935
scoring_system epss
scoring_elements 0.76144
published_at 2026-04-08T12:55:00Z
3
value 0.00935
scoring_system epss
scoring_elements 0.76158
published_at 2026-04-12T12:55:00Z
4
value 0.00935
scoring_system epss
scoring_elements 0.76155
published_at 2026-04-13T12:55:00Z
5
value 0.00935
scoring_system epss
scoring_elements 0.76197
published_at 2026-04-16T12:55:00Z
6
value 0.00935
scoring_system epss
scoring_elements 0.762
published_at 2026-04-18T12:55:00Z
7
value 0.00935
scoring_system epss
scoring_elements 0.76111
published_at 2026-04-07T12:55:00Z
8
value 0.00935
scoring_system epss
scoring_elements 0.76157
published_at 2026-04-09T12:55:00Z
9
value 0.00935
scoring_system epss
scoring_elements 0.76182
published_at 2026-04-11T12:55:00Z
10
value 0.0098
scoring_system epss
scoring_elements 0.76802
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1861
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1861
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2356046
reference_id 2356046
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2356046
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff
reference_id GHSA-52jp-hrpf-2jff
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-31T12:55:53Z/
url https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff
6
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
7
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
8
reference_url https://access.redhat.com/errata/RHSA-2025:7418
reference_id RHSA-2025:7418
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7418
9
reference_url https://access.redhat.com/errata/RHSA-2025:7431
reference_id RHSA-2025:7431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7431
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2025:7489
reference_id RHSA-2025:7489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7489
12
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
13
reference_url https://usn.ubuntu.com/7400-1/
reference_id USN-7400-1
reference_type
scores
url https://usn.ubuntu.com/7400-1/
14
reference_url https://usn.ubuntu.com/7645-1/
reference_id USN-7645-1
reference_type
scores
url https://usn.ubuntu.com/7645-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u8%3Fdistro=bullseye
aliases CVE-2025-1861
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrnn-pgxj-xugg
45
url VCID-p9rr-rq6w-3bhg
vulnerability_id VCID-p9rr-rq6w-3bhg
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7064.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7064.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7064
reference_id
reference_type
scores
0
value 0.0233
scoring_system epss
scoring_elements 0.84755
published_at 2026-04-01T12:55:00Z
1
value 0.0233
scoring_system epss
scoring_elements 0.8485
published_at 2026-04-21T12:55:00Z
2
value 0.0233
scoring_system epss
scoring_elements 0.84838
published_at 2026-04-11T12:55:00Z
3
value 0.0233
scoring_system epss
scoring_elements 0.84835
published_at 2026-04-12T12:55:00Z
4
value 0.0233
scoring_system epss
scoring_elements 0.8483
published_at 2026-04-13T12:55:00Z
5
value 0.0233
scoring_system epss
scoring_elements 0.84852
published_at 2026-04-18T12:55:00Z
6
value 0.0233
scoring_system epss
scoring_elements 0.8477
published_at 2026-04-02T12:55:00Z
7
value 0.0233
scoring_system epss
scoring_elements 0.84789
published_at 2026-04-04T12:55:00Z
8
value 0.0233
scoring_system epss
scoring_elements 0.84791
published_at 2026-04-07T12:55:00Z
9
value 0.0233
scoring_system epss
scoring_elements 0.84814
published_at 2026-04-08T12:55:00Z
10
value 0.0233
scoring_system epss
scoring_elements 0.8482
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7064
3
reference_url https://bugs.php.net/bug.php?id=79282
reference_id
reference_type
scores
url https://bugs.php.net/bug.php?id=79282
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html
13
reference_url https://security.netapp.com/advisory/ntap-20200403-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200403-0001/
14
reference_url https://www.debian.org/security/2020/dsa-4717
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4717
15
reference_url https://www.debian.org/security/2020/dsa-4719
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4719
16
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujan2021.html
17
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2021-14
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1820601
reference_id 1820601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1820601
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7064
reference_id CVE-2020-7064
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:P
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://nvd.nist.gov/vuln/detail/CVE-2020-7064
32
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
33
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
34
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
35
reference_url https://usn.ubuntu.com/4330-1/
reference_id USN-4330-1
reference_type
scores
url https://usn.ubuntu.com/4330-1/
36
reference_url https://usn.ubuntu.com/4330-2/
reference_id USN-4330-2
reference_type
scores
url https://usn.ubuntu.com/4330-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.5-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.5-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7064
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9rr-rq6w-3bhg
46
url VCID-qymx-je6t-23a6
vulnerability_id VCID-qymx-je6t-23a6
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2757.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2757.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2757
reference_id
reference_type
scores
0
value 0.00625
scoring_system epss
scoring_elements 0.70208
published_at 2026-04-21T12:55:00Z
1
value 0.00625
scoring_system epss
scoring_elements 0.70166
published_at 2026-04-08T12:55:00Z
2
value 0.00625
scoring_system epss
scoring_elements 0.70182
published_at 2026-04-09T12:55:00Z
3
value 0.00625
scoring_system epss
scoring_elements 0.70205
published_at 2026-04-11T12:55:00Z
4
value 0.00625
scoring_system epss
scoring_elements 0.7019
published_at 2026-04-12T12:55:00Z
5
value 0.00625
scoring_system epss
scoring_elements 0.70178
published_at 2026-04-13T12:55:00Z
6
value 0.00625
scoring_system epss
scoring_elements 0.7022
published_at 2026-04-16T12:55:00Z
7
value 0.00625
scoring_system epss
scoring_elements 0.70229
published_at 2026-04-18T12:55:00Z
8
value 0.00625
scoring_system epss
scoring_elements 0.70126
published_at 2026-04-02T12:55:00Z
9
value 0.00625
scoring_system epss
scoring_elements 0.70141
published_at 2026-04-04T12:55:00Z
10
value 0.00625
scoring_system epss
scoring_elements 0.70118
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2757
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url http://www.openwall.com/lists/oss-security/2024/04/12/11
reference_id 11
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T11:27:03Z/
url http://www.openwall.com/lists/oss-security/2024/04/12/11
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2275068
reference_id 2275068
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2275068
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq
reference_id GHSA-fjp9-9hwx-59fq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T11:27:03Z/
url https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq
6
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
7
reference_url https://security.netapp.com/advisory/ntap-20240510-0011/
reference_id ntap-20240510-0011
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T11:27:03Z/
url https://security.netapp.com/advisory/ntap-20240510-0011/
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-2757
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qymx-je6t-23a6
47
url VCID-qyx5-b321-2udm
vulnerability_id VCID-qyx5-b321-2udm
summary php: Stream HTTP wrapper header check might omit basic auth header
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1736.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1736
reference_id
reference_type
scores
0
value 0.00486
scoring_system epss
scoring_elements 0.65377
published_at 2026-04-04T12:55:00Z
1
value 0.00486
scoring_system epss
scoring_elements 0.65351
published_at 2026-04-02T12:55:00Z
2
value 0.00519
scoring_system epss
scoring_elements 0.66802
published_at 2026-04-21T12:55:00Z
3
value 0.00645
scoring_system epss
scoring_elements 0.70731
published_at 2026-04-16T12:55:00Z
4
value 0.00645
scoring_system epss
scoring_elements 0.70738
published_at 2026-04-18T12:55:00Z
5
value 0.00645
scoring_system epss
scoring_elements 0.70633
published_at 2026-04-07T12:55:00Z
6
value 0.00645
scoring_system epss
scoring_elements 0.70679
published_at 2026-04-08T12:55:00Z
7
value 0.00645
scoring_system epss
scoring_elements 0.70695
published_at 2026-04-09T12:55:00Z
8
value 0.00645
scoring_system epss
scoring_elements 0.70718
published_at 2026-04-11T12:55:00Z
9
value 0.00645
scoring_system epss
scoring_elements 0.70701
published_at 2026-04-12T12:55:00Z
10
value 0.00645
scoring_system epss
scoring_elements 0.70686
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1736
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1736
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2356041
reference_id 2356041
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2356041
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528
reference_id GHSA-hgf5-96fm-v528
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T12:57:12Z/
url https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528
6
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
7
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
8
reference_url https://access.redhat.com/errata/RHSA-2025:7418
reference_id RHSA-2025:7418
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7418
9
reference_url https://access.redhat.com/errata/RHSA-2025:7431
reference_id RHSA-2025:7431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7431
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2025:7489
reference_id RHSA-2025:7489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7489
12
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
13
reference_url https://usn.ubuntu.com/7400-1/
reference_id USN-7400-1
reference_type
scores
url https://usn.ubuntu.com/7400-1/
14
reference_url https://usn.ubuntu.com/7645-1/
reference_id USN-7645-1
reference_type
scores
url https://usn.ubuntu.com/7645-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u8%3Fdistro=bullseye
aliases CVE-2025-1736
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qyx5-b321-2udm
48
url VCID-rh5h-at8n-bfdj
vulnerability_id VCID-rh5h-at8n-bfdj
summary php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14177.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14177.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14177
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18706
published_at 2026-04-02T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18486
published_at 2026-04-21T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18514
published_at 2026-04-13T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18455
published_at 2026-04-16T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18464
published_at 2026-04-18T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18761
published_at 2026-04-04T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18477
published_at 2026-04-07T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18557
published_at 2026-04-08T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.1861
published_at 2026-04-09T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18613
published_at 2026-04-11T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18566
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14177
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574
reference_id 1123574
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2425626
reference_id 2425626
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2425626
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7
reference_id GHSA-3237-qqm7-mfv7
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:01:25Z/
url https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7
6
reference_url https://access.redhat.com/errata/RHSA-2026:1409
reference_id RHSA-2026:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1409
7
reference_url https://access.redhat.com/errata/RHSA-2026:1412
reference_id RHSA-2026:1412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1412
8
reference_url https://access.redhat.com/errata/RHSA-2026:1429
reference_id RHSA-2026:1429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1429
9
reference_url https://access.redhat.com/errata/RHSA-2026:1628
reference_id RHSA-2026:1628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1628
10
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
11
reference_url https://access.redhat.com/errata/RHSA-2026:2799
reference_id RHSA-2026:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2799
12
reference_url https://access.redhat.com/errata/RHSA-2026:7614
reference_id RHSA-2026:7614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7614
13
reference_url https://usn.ubuntu.com/7953-1/
reference_id USN-7953-1
reference_type
scores
url https://usn.ubuntu.com/7953-1/
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2025-14177
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rh5h-at8n-bfdj
49
url VCID-t862-kese-z7ae
vulnerability_id VCID-t862-kese-z7ae
summary php: libxml streams use wrong content-type header when requesting a redirected resource
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1219.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1219.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1219
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20744
published_at 2026-04-02T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.20598
published_at 2026-04-08T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20635
published_at 2026-04-12T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.20583
published_at 2026-04-13T12:55:00Z
4
value 0.00067
scoring_system epss
scoring_elements 0.2057
published_at 2026-04-16T12:55:00Z
5
value 0.00067
scoring_system epss
scoring_elements 0.20568
published_at 2026-04-18T12:55:00Z
6
value 0.00067
scoring_system epss
scoring_elements 0.20803
published_at 2026-04-04T12:55:00Z
7
value 0.00067
scoring_system epss
scoring_elements 0.20522
published_at 2026-04-07T12:55:00Z
8
value 0.00067
scoring_system epss
scoring_elements 0.20657
published_at 2026-04-09T12:55:00Z
9
value 0.00067
scoring_system epss
scoring_elements 0.20677
published_at 2026-04-11T12:55:00Z
10
value 0.00088
scoring_system epss
scoring_elements 0.25048
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1219
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1219
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2356043
reference_id 2356043
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2356043
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc
reference_id GHSA-p3x9-6h7p-cgfc
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:10:21Z/
url https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc
6
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
7
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
8
reference_url https://access.redhat.com/errata/RHSA-2025:7418
reference_id RHSA-2025:7418
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7418
9
reference_url https://access.redhat.com/errata/RHSA-2025:7431
reference_id RHSA-2025:7431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7431
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2025:7489
reference_id RHSA-2025:7489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7489
12
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
13
reference_url https://usn.ubuntu.com/7400-1/
reference_id USN-7400-1
reference_type
scores
url https://usn.ubuntu.com/7400-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u8%3Fdistro=bullseye
aliases CVE-2025-1219
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t862-kese-z7ae
50
url VCID-tarw-3xd3-x3eh
vulnerability_id VCID-tarw-3xd3-x3eh
summary php: Special character breaks path in xml parsing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21707.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21707.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21707
reference_id
reference_type
scores
0
value 0.00563
scoring_system epss
scoring_elements 0.68306
published_at 2026-04-01T12:55:00Z
1
value 0.00563
scoring_system epss
scoring_elements 0.68401
published_at 2026-04-21T12:55:00Z
2
value 0.00563
scoring_system epss
scoring_elements 0.6841
published_at 2026-04-16T12:55:00Z
3
value 0.00563
scoring_system epss
scoring_elements 0.68424
published_at 2026-04-18T12:55:00Z
4
value 0.00563
scoring_system epss
scoring_elements 0.68326
published_at 2026-04-02T12:55:00Z
5
value 0.00563
scoring_system epss
scoring_elements 0.68346
published_at 2026-04-04T12:55:00Z
6
value 0.00563
scoring_system epss
scoring_elements 0.68322
published_at 2026-04-07T12:55:00Z
7
value 0.00563
scoring_system epss
scoring_elements 0.68373
published_at 2026-04-08T12:55:00Z
8
value 0.00563
scoring_system epss
scoring_elements 0.6839
published_at 2026-04-09T12:55:00Z
9
value 0.00563
scoring_system epss
scoring_elements 0.68417
published_at 2026-04-11T12:55:00Z
10
value 0.00563
scoring_system epss
scoring_elements 0.68405
published_at 2026-04-12T12:55:00Z
11
value 0.00563
scoring_system epss
scoring_elements 0.68372
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21707
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2026045
reference_id 2026045
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2026045
6
reference_url https://security.archlinux.org/AVG-2566
reference_id AVG-2566
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2566
7
reference_url https://access.redhat.com/errata/RHSA-2022:5491
reference_id RHSA-2022:5491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5491
8
reference_url https://access.redhat.com/errata/RHSA-2022:7628
reference_id RHSA-2022:7628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7628
9
reference_url https://usn.ubuntu.com/5300-1/
reference_id USN-5300-1
reference_type
scores
url https://usn.ubuntu.com/5300-1/
10
reference_url https://usn.ubuntu.com/5300-2/
reference_id USN-5300-2
reference_type
scores
url https://usn.ubuntu.com/5300-2/
11
reference_url https://usn.ubuntu.com/5300-3/
reference_id USN-5300-3
reference_type
scores
url https://usn.ubuntu.com/5300-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.28-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.28-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.28-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21707
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tarw-3xd3-x3eh
51
url VCID-tawz-4cft-97bd
vulnerability_id VCID-tawz-4cft-97bd
summary In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21706
reference_id
reference_type
scores
0
value 0.00529
scoring_system epss
scoring_elements 0.67225
published_at 2026-04-21T12:55:00Z
1
value 0.00529
scoring_system epss
scoring_elements 0.67125
published_at 2026-04-01T12:55:00Z
2
value 0.00529
scoring_system epss
scoring_elements 0.67162
published_at 2026-04-07T12:55:00Z
3
value 0.00529
scoring_system epss
scoring_elements 0.67186
published_at 2026-04-04T12:55:00Z
4
value 0.00529
scoring_system epss
scoring_elements 0.67213
published_at 2026-04-08T12:55:00Z
5
value 0.00529
scoring_system epss
scoring_elements 0.67226
published_at 2026-04-09T12:55:00Z
6
value 0.00529
scoring_system epss
scoring_elements 0.67245
published_at 2026-04-18T12:55:00Z
7
value 0.00529
scoring_system epss
scoring_elements 0.67232
published_at 2026-04-12T12:55:00Z
8
value 0.00529
scoring_system epss
scoring_elements 0.67198
published_at 2026-04-13T12:55:00Z
9
value 0.00529
scoring_system epss
scoring_elements 0.67233
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21706
1
reference_url https://security.archlinux.org/AVG-2420
reference_id AVG-2420
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2420
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2021-21706
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tawz-4cft-97bd
52
url VCID-ugx8-uqup-n3b4
vulnerability_id VCID-ugx8-uqup-n3b4
summary php: OOB access in ldap_escape
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8932.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8932.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8932
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51173
published_at 2026-04-08T12:55:00Z
1
value 0.00277
scoring_system epss
scoring_elements 0.51137
published_at 2026-04-02T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51161
published_at 2026-04-04T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51118
published_at 2026-04-07T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.5117
published_at 2026-04-09T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51214
published_at 2026-04-11T12:55:00Z
6
value 0.00277
scoring_system epss
scoring_elements 0.51192
published_at 2026-04-12T12:55:00Z
7
value 0.00377
scoring_system epss
scoring_elements 0.5928
published_at 2026-04-18T12:55:00Z
8
value 0.00377
scoring_system epss
scoring_elements 0.59274
published_at 2026-04-16T12:55:00Z
9
value 0.00377
scoring_system epss
scoring_elements 0.59261
published_at 2026-04-21T12:55:00Z
10
value 0.00377
scoring_system epss
scoring_elements 0.59237
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8932
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8932
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
reference_id 1088688
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2327961
reference_id 2327961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2327961
6
reference_url https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
reference_id GHSA-g665-fm4p-vhff
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-22T17:41:35Z/
url https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
7
reference_url https://usn.ubuntu.com/7157-1/
reference_id USN-7157-1
reference_type
scores
url https://usn.ubuntu.com/7157-1/
8
reference_url https://usn.ubuntu.com/7157-2/
reference_id USN-7157-2
reference_type
scores
url https://usn.ubuntu.com/7157-2/
9
reference_url https://usn.ubuntu.com/7157-3/
reference_id USN-7157-3
reference_type
scores
url https://usn.ubuntu.com/7157-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u7%3Fdistro=bullseye
aliases CVE-2024-8932
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ugx8-uqup-n3b4
53
url VCID-uq31-93sm-r3b2
vulnerability_id VCID-uq31-93sm-r3b2
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11048.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11048.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11048
reference_id
reference_type
scores
0
value 0.12716
scoring_system epss
scoring_elements 0.93957
published_at 2026-04-01T12:55:00Z
1
value 0.12716
scoring_system epss
scoring_elements 0.93967
published_at 2026-04-02T12:55:00Z
2
value 0.12716
scoring_system epss
scoring_elements 0.93976
published_at 2026-04-04T12:55:00Z
3
value 0.12716
scoring_system epss
scoring_elements 0.93978
published_at 2026-04-07T12:55:00Z
4
value 0.12716
scoring_system epss
scoring_elements 0.93987
published_at 2026-04-08T12:55:00Z
5
value 0.12716
scoring_system epss
scoring_elements 0.9399
published_at 2026-04-09T12:55:00Z
6
value 0.12716
scoring_system epss
scoring_elements 0.93995
published_at 2026-04-11T12:55:00Z
7
value 0.12716
scoring_system epss
scoring_elements 0.93994
published_at 2026-04-13T12:55:00Z
8
value 0.12716
scoring_system epss
scoring_elements 0.9401
published_at 2026-04-16T12:55:00Z
9
value 0.12716
scoring_system epss
scoring_elements 0.94015
published_at 2026-04-18T12:55:00Z
10
value 0.12716
scoring_system epss
scoring_elements 0.94016
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11048
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11048
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7067
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1837842
reference_id 1837842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1837842
10
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
11
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
12
reference_url https://usn.ubuntu.com/4375-1/
reference_id USN-4375-1
reference_type
scores
url https://usn.ubuntu.com/4375-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.9-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.9-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.9-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2019-11048
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uq31-93sm-r3b2
54
url VCID-uqrh-9nue-rqgx
vulnerability_id VCID-uqrh-9nue-rqgx
summary php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1734.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1734
reference_id
reference_type
scores
0
value 0.00382
scoring_system epss
scoring_elements 0.59546
published_at 2026-04-02T12:55:00Z
1
value 0.00382
scoring_system epss
scoring_elements 0.59591
published_at 2026-04-08T12:55:00Z
2
value 0.00382
scoring_system epss
scoring_elements 0.59605
published_at 2026-04-12T12:55:00Z
3
value 0.00382
scoring_system epss
scoring_elements 0.59585
published_at 2026-04-13T12:55:00Z
4
value 0.00382
scoring_system epss
scoring_elements 0.59618
published_at 2026-04-16T12:55:00Z
5
value 0.00382
scoring_system epss
scoring_elements 0.59625
published_at 2026-04-18T12:55:00Z
6
value 0.00382
scoring_system epss
scoring_elements 0.59571
published_at 2026-04-04T12:55:00Z
7
value 0.00382
scoring_system epss
scoring_elements 0.5954
published_at 2026-04-07T12:55:00Z
8
value 0.00382
scoring_system epss
scoring_elements 0.59603
published_at 2026-04-09T12:55:00Z
9
value 0.00382
scoring_system epss
scoring_elements 0.59622
published_at 2026-04-11T12:55:00Z
10
value 0.0072
scoring_system epss
scoring_elements 0.72513
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1734
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1734
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2356042
reference_id 2356042
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2356042
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44
reference_id GHSA-pcmh-g36c-qc44
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T14:21:51Z/
url https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44
6
reference_url https://access.redhat.com/errata/RHSA-2025:15687
reference_id RHSA-2025:15687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15687
7
reference_url https://access.redhat.com/errata/RHSA-2025:4263
reference_id RHSA-2025:4263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4263
8
reference_url https://access.redhat.com/errata/RHSA-2025:7418
reference_id RHSA-2025:7418
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7418
9
reference_url https://access.redhat.com/errata/RHSA-2025:7431
reference_id RHSA-2025:7431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7431
10
reference_url https://access.redhat.com/errata/RHSA-2025:7432
reference_id RHSA-2025:7432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7432
11
reference_url https://access.redhat.com/errata/RHSA-2025:7489
reference_id RHSA-2025:7489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7489
12
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
13
reference_url https://usn.ubuntu.com/7400-1/
reference_id USN-7400-1
reference_type
scores
url https://usn.ubuntu.com/7400-1/
14
reference_url https://usn.ubuntu.com/7645-1/
reference_id USN-7645-1
reference_type
scores
url https://usn.ubuntu.com/7645-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u8?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u8%3Fdistro=bullseye
aliases CVE-2025-1734
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uqrh-9nue-rqgx
55
url VCID-uush-g6k9-9ffm
vulnerability_id VCID-uush-g6k9-9ffm
summary php: pgsql extension does not check for errors during escaping
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1735.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1735.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1735
reference_id
reference_type
scores
0
value 0.00134
scoring_system epss
scoring_elements 0.33221
published_at 2026-04-04T12:55:00Z
1
value 0.00134
scoring_system epss
scoring_elements 0.33187
published_at 2026-04-02T12:55:00Z
2
value 0.00134
scoring_system epss
scoring_elements 0.33052
published_at 2026-04-07T12:55:00Z
3
value 0.0015
scoring_system epss
scoring_elements 0.35471
published_at 2026-04-21T12:55:00Z
4
value 0.0015
scoring_system epss
scoring_elements 0.35493
published_at 2026-04-13T12:55:00Z
5
value 0.0015
scoring_system epss
scoring_elements 0.35532
published_at 2026-04-16T12:55:00Z
6
value 0.0015
scoring_system epss
scoring_elements 0.35522
published_at 2026-04-18T12:55:00Z
7
value 0.0015
scoring_system epss
scoring_elements 0.35525
published_at 2026-04-08T12:55:00Z
8
value 0.0015
scoring_system epss
scoring_elements 0.35549
published_at 2026-04-09T12:55:00Z
9
value 0.0015
scoring_system epss
scoring_elements 0.35558
published_at 2026-04-11T12:55:00Z
10
value 0.0015
scoring_system epss
scoring_elements 0.35514
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1735
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2378689
reference_id 2378689
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2378689
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3
reference_id GHSA-hrwm-9436-5mv3
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:58:08Z/
url https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3
6
reference_url https://access.redhat.com/errata/RHSA-2025:23309
reference_id RHSA-2025:23309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23309
7
reference_url https://access.redhat.com/errata/RHSA-2026:1409
reference_id RHSA-2026:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1409
8
reference_url https://access.redhat.com/errata/RHSA-2026:1412
reference_id RHSA-2026:1412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1412
9
reference_url https://access.redhat.com/errata/RHSA-2026:2470
reference_id RHSA-2026:2470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2470
10
reference_url https://usn.ubuntu.com/7648-1/
reference_id USN-7648-1
reference_type
scores
url https://usn.ubuntu.com/7648-1/
11
reference_url https://usn.ubuntu.com/7648-2/
reference_id USN-7648-2
reference_type
scores
url https://usn.ubuntu.com/7648-2/
12
reference_url https://usn.ubuntu.com/7648-3/
reference_id USN-7648-3
reference_type
scores
url https://usn.ubuntu.com/7648-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u9?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u9%3Fdistro=bullseye
aliases CVE-2025-1735
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uush-g6k9-9ffm
56
url VCID-v42g-pabn-yqe7
vulnerability_id VCID-v42g-pabn-yqe7
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8925.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8925.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8925
reference_id
reference_type
scores
0
value 0.02395
scoring_system epss
scoring_elements 0.85064
published_at 2026-04-18T12:55:00Z
1
value 0.02395
scoring_system epss
scoring_elements 0.85044
published_at 2026-04-12T12:55:00Z
2
value 0.02395
scoring_system epss
scoring_elements 0.8504
published_at 2026-04-13T12:55:00Z
3
value 0.02395
scoring_system epss
scoring_elements 0.85061
published_at 2026-04-21T12:55:00Z
4
value 0.02395
scoring_system epss
scoring_elements 0.84978
published_at 2026-04-02T12:55:00Z
5
value 0.02395
scoring_system epss
scoring_elements 0.84995
published_at 2026-04-04T12:55:00Z
6
value 0.02395
scoring_system epss
scoring_elements 0.85
published_at 2026-04-07T12:55:00Z
7
value 0.02395
scoring_system epss
scoring_elements 0.85022
published_at 2026-04-08T12:55:00Z
8
value 0.02395
scoring_system epss
scoring_elements 0.85029
published_at 2026-04-09T12:55:00Z
9
value 0.02395
scoring_system epss
scoring_elements 0.85045
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8925
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8925
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8925
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2317049
reference_id 2317049
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2317049
5
reference_url https://github.com/php/php-src/security/advisories/GHSA-9pqp-7h25-4f32
reference_id GHSA-9pqp-7h25-4f32
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:56:50Z/
url https://github.com/php/php-src/security/advisories/GHSA-9pqp-7h25-4f32
6
reference_url https://security.gentoo.org/glsa/202501-11
reference_id GLSA-202501-11
reference_type
scores
url https://security.gentoo.org/glsa/202501-11
7
reference_url https://access.redhat.com/errata/RHSA-2024:10949
reference_id RHSA-2024:10949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10949
8
reference_url https://access.redhat.com/errata/RHSA-2024:10950
reference_id RHSA-2024:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10950
9
reference_url https://access.redhat.com/errata/RHSA-2024:10951
reference_id RHSA-2024:10951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10951
10
reference_url https://access.redhat.com/errata/RHSA-2024:10952
reference_id RHSA-2024:10952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10952
11
reference_url https://access.redhat.com/errata/RHSA-2025:7315
reference_id RHSA-2025:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7315
12
reference_url https://usn.ubuntu.com/7049-1/
reference_id USN-7049-1
reference_type
scores
url https://usn.ubuntu.com/7049-1/
13
reference_url https://usn.ubuntu.com/7049-2/
reference_id USN-7049-2
reference_type
scores
url https://usn.ubuntu.com/7049-2/
14
reference_url https://usn.ubuntu.com/7049-3/
reference_id USN-7049-3
reference_type
scores
url https://usn.ubuntu.com/7049-3/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u6%3Fdistro=bullseye
aliases CVE-2024-8925
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v42g-pabn-yqe7
57
url VCID-vfx1-jn3w-1fb9
vulnerability_id VCID-vfx1-jn3w-1fb9
summary php: PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8926.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8926.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8926
reference_id
reference_type
scores
0
value 0.02711
scoring_system epss
scoring_elements 0.85921
published_at 2026-04-21T12:55:00Z
1
value 0.02711
scoring_system epss
scoring_elements 0.85907
published_at 2026-04-13T12:55:00Z
2
value 0.02711
scoring_system epss
scoring_elements 0.85925
published_at 2026-04-16T12:55:00Z
3
value 0.02711
scoring_system epss
scoring_elements 0.8593
published_at 2026-04-18T12:55:00Z
4
value 0.02711
scoring_system epss
scoring_elements 0.85851
published_at 2026-04-02T12:55:00Z
5
value 0.02711
scoring_system epss
scoring_elements 0.85868
published_at 2026-04-04T12:55:00Z
6
value 0.02711
scoring_system epss
scoring_elements 0.85872
published_at 2026-04-07T12:55:00Z
7
value 0.02711
scoring_system epss
scoring_elements 0.85891
published_at 2026-04-08T12:55:00Z
8
value 0.02711
scoring_system epss
scoring_elements 0.859
published_at 2026-04-09T12:55:00Z
9
value 0.02711
scoring_system epss
scoring_elements 0.85915
published_at 2026-04-11T12:55:00Z
10
value 0.02711
scoring_system epss
scoring_elements 0.85913
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8926
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2317050
reference_id 2317050
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2317050
4
reference_url https://github.com/php/php-src/security/advisories/GHSA-p99j-rfp4-xqvq
reference_id GHSA-p99j-rfp4-xqvq
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T12:55:27Z/
url https://github.com/php/php-src/security/advisories/GHSA-p99j-rfp4-xqvq
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-8926
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfx1-jn3w-1fb9
58
url VCID-vz8y-te3y-gqhp
vulnerability_id VCID-vz8y-te3y-gqhp
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0662.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0662.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0662
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44424
published_at 2026-04-02T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.44399
published_at 2026-04-21T12:55:00Z
2
value 0.00218
scoring_system epss
scoring_elements 0.44455
published_at 2026-04-11T12:55:00Z
3
value 0.00218
scoring_system epss
scoring_elements 0.44423
published_at 2026-04-12T12:55:00Z
4
value 0.00218
scoring_system epss
scoring_elements 0.44422
published_at 2026-04-13T12:55:00Z
5
value 0.00218
scoring_system epss
scoring_elements 0.44479
published_at 2026-04-16T12:55:00Z
6
value 0.00218
scoring_system epss
scoring_elements 0.44469
published_at 2026-04-18T12:55:00Z
7
value 0.00218
scoring_system epss
scoring_elements 0.44446
published_at 2026-04-04T12:55:00Z
8
value 0.00218
scoring_system epss
scoring_elements 0.4438
published_at 2026-04-07T12:55:00Z
9
value 0.00218
scoring_system epss
scoring_elements 0.44431
published_at 2026-04-08T12:55:00Z
10
value 0.00218
scoring_system epss
scoring_elements 0.44438
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0662
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368
reference_id 1031368
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170761
reference_id 2170761
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170761
9
reference_url https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
reference_id GHSA-54hq-v5wp-fqgv
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T14:57:39Z/
url https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
10
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
11
reference_url https://security.netapp.com/advisory/ntap-20230517-0001/
reference_id ntap-20230517-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T14:57:39Z/
url https://security.netapp.com/advisory/ntap-20230517-0001/
12
reference_url https://access.redhat.com/errata/RHSA-2023:5926
reference_id RHSA-2023:5926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5926
13
reference_url https://access.redhat.com/errata/RHSA-2023:5927
reference_id RHSA-2023:5927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5927
14
reference_url https://access.redhat.com/errata/RHSA-2024:0387
reference_id RHSA-2024:0387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0387
15
reference_url https://usn.ubuntu.com/5902-1/
reference_id USN-5902-1
reference_type
scores
url https://usn.ubuntu.com/5902-1/
16
reference_url https://usn.ubuntu.com/5905-1/
reference_id USN-5905-1
reference_type
scores
url https://usn.ubuntu.com/5905-1/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u3?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u3%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2023-0662
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vz8y-te3y-gqhp
59
url VCID-w3f2-4edy-zyg4
vulnerability_id VCID-w3f2-4edy-zyg4
summary 
A vulnerabilities in PHP could lead to a Denial of Service
    condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7068.json
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7068.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7068
reference_id
reference_type
scores
0
value 0.00799
scoring_system epss
scoring_elements 0.73982
published_at 2026-04-01T12:55:00Z
1
value 0.00799
scoring_system epss
scoring_elements 0.73988
published_at 2026-04-02T12:55:00Z
2
value 0.00799
scoring_system epss
scoring_elements 0.74015
published_at 2026-04-04T12:55:00Z
3
value 0.00799
scoring_system epss
scoring_elements 0.73986
published_at 2026-04-07T12:55:00Z
4
value 0.00799
scoring_system epss
scoring_elements 0.7402
published_at 2026-04-08T12:55:00Z
5
value 0.00799
scoring_system epss
scoring_elements 0.74034
published_at 2026-04-09T12:55:00Z
6
value 0.00799
scoring_system epss
scoring_elements 0.74056
published_at 2026-04-11T12:55:00Z
7
value 0.00799
scoring_system epss
scoring_elements 0.74037
published_at 2026-04-12T12:55:00Z
8
value 0.00799
scoring_system epss
scoring_elements 0.7403
published_at 2026-04-13T12:55:00Z
9
value 0.00799
scoring_system epss
scoring_elements 0.74069
published_at 2026-04-16T12:55:00Z
10
value 0.00799
scoring_system epss
scoring_elements 0.74078
published_at 2026-04-18T12:55:00Z
11
value 0.00799
scoring_system epss
scoring_elements 0.7407
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7068
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7068
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7071
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21702
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1868109
reference_id 1868109
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1868109
9
reference_url https://security.gentoo.org/glsa/202009-10
reference_id GLSA-202009-10
reference_type
scores
url https://security.gentoo.org/glsa/202009-10
10
reference_url https://access.redhat.com/errata/RHSA-2021:2992
reference_id RHSA-2021:2992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2992
11
reference_url https://access.redhat.com/errata/RHSA-2021:4213
reference_id RHSA-2021:4213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4213
12
reference_url https://usn.ubuntu.com/5006-1/
reference_id USN-5006-1
reference_type
scores
url https://usn.ubuntu.com/5006-1/
13
reference_url https://usn.ubuntu.com/5006-2/
reference_id USN-5006-2
reference_type
scores
url https://usn.ubuntu.com/5006-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.9-1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.9-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.9-1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7068
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w3f2-4edy-zyg4
60
url VCID-x2s3-ku1g-gfgh
vulnerability_id VCID-x2s3-ku1g-gfgh
summary Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4577.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4577.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4577
reference_id
reference_type
scores
0
value 0.94374
scoring_system epss
scoring_elements 0.99967
published_at 2026-04-16T12:55:00Z
1
value 0.94374
scoring_system epss
scoring_elements 0.99966
published_at 2026-04-18T12:55:00Z
2
value 0.94393
scoring_system epss
scoring_elements 0.99972
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4577
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url http://www.openwall.com/lists/oss-security/2024/06/07/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url http://www.openwall.com/lists/oss-security/2024/06/07/1
4
reference_url https://github.com/rapid7/metasploit-framework/pull/19247
reference_id 19247
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://github.com/rapid7/metasploit-framework/pull/19247
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2291281
reference_id 2291281
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2291281
6
reference_url https://isc.sans.edu/diary/30994
reference_id 30994
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://isc.sans.edu/diary/30994
7
reference_url https://www.php.net/ChangeLog-8.php#8.1.29
reference_id ChangeLog-8.php#8.1.29
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://www.php.net/ChangeLog-8.php#8.1.29
8
reference_url https://www.php.net/ChangeLog-8.php#8.2.20
reference_id ChangeLog-8.php#8.2.20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://www.php.net/ChangeLog-8.php#8.2.20
9
reference_url https://www.php.net/ChangeLog-8.php#8.3.8
reference_id ChangeLog-8.php#8.3.8
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://www.php.net/ChangeLog-8.php#8.3.8
10
reference_url https://github.com/11whoami99/CVE-2024-4577
reference_id CVE-2024-4577
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://github.com/11whoami99/CVE-2024-4577
11
reference_url https://github.com/watchtowrlabs/CVE-2024-4577
reference_id CVE-2024-4577
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://github.com/watchtowrlabs/CVE-2024-4577
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52331.py
reference_id CVE-2024-4577
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52331.py
13
reference_url https://github.com/xcanwin/CVE-2024-4577-PHP-RCE
reference_id CVE-2024-4577-PHP-RCE
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://github.com/xcanwin/CVE-2024-4577-PHP-RCE
14
reference_url https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html
reference_id cve-2024-4577-yet-another-php-rce.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html
15
reference_url https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv
reference_id GHSA-3qgc-jrrr-25jv
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv
16
reference_url https://security.gentoo.org/glsa/202408-32
reference_id GLSA-202408-32
reference_type
scores
url https://security.gentoo.org/glsa/202408-32
17
reference_url https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/
reference_id imperva-protects-against-critical-php-vulnerability-cve-2024-4577
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/
18
reference_url https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/
reference_id no-way-php-strikes-again-cve-2024-4577
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/
19
reference_url https://security.netapp.com/advisory/ntap-20240621-0008/
reference_id ntap-20240621-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://security.netapp.com/advisory/ntap-20240621-0008/
20
reference_url https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/
reference_id php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
reference_id PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
22
reference_url https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/
reference_id security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
reference_id W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
24
reference_url https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately
reference_id warning-php-remote-code-execution-patch-immediately
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/
url https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2024-4577
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x2s3-ku1g-gfgh
61
url VCID-yfbz-bzvk-xke4
vulnerability_id VCID-yfbz-bzvk-xke4
summary Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31626.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31626.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31626
reference_id
reference_type
scores
0
value 0.1024
scoring_system epss
scoring_elements 0.93176
published_at 2026-04-21T12:55:00Z
1
value 0.1024
scoring_system epss
scoring_elements 0.93164
published_at 2026-04-16T12:55:00Z
2
value 0.1024
scoring_system epss
scoring_elements 0.93168
published_at 2026-04-18T12:55:00Z
3
value 0.1024
scoring_system epss
scoring_elements 0.93128
published_at 2026-04-02T12:55:00Z
4
value 0.1024
scoring_system epss
scoring_elements 0.93132
published_at 2026-04-04T12:55:00Z
5
value 0.1024
scoring_system epss
scoring_elements 0.9313
published_at 2026-04-07T12:55:00Z
6
value 0.1024
scoring_system epss
scoring_elements 0.93139
published_at 2026-04-08T12:55:00Z
7
value 0.1024
scoring_system epss
scoring_elements 0.93144
published_at 2026-04-09T12:55:00Z
8
value 0.1024
scoring_system epss
scoring_elements 0.93149
published_at 2026-04-11T12:55:00Z
9
value 0.1024
scoring_system epss
scoring_elements 0.93146
published_at 2026-04-12T12:55:00Z
10
value 0.1024
scoring_system epss
scoring_elements 0.93147
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31626
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2098523
reference_id 2098523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2098523
6
reference_url https://security.archlinux.org/AVG-2768
reference_id AVG-2768
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2768
7
reference_url https://security.gentoo.org/glsa/202209-20
reference_id GLSA-202209-20
reference_type
scores
url https://security.gentoo.org/glsa/202209-20
8
reference_url https://access.redhat.com/errata/RHSA-2022:5467
reference_id RHSA-2022:5467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5467
9
reference_url https://access.redhat.com/errata/RHSA-2022:5468
reference_id RHSA-2022:5468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5468
10
reference_url https://access.redhat.com/errata/RHSA-2022:5471
reference_id RHSA-2022:5471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5471
11
reference_url https://access.redhat.com/errata/RHSA-2022:5491
reference_id RHSA-2022:5491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5491
12
reference_url https://access.redhat.com/errata/RHSA-2022:5904
reference_id RHSA-2022:5904
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5904
13
reference_url https://usn.ubuntu.com/5479-1/
reference_id USN-5479-1
reference_type
scores
url https://usn.ubuntu.com/5479-1/
14
reference_url https://usn.ubuntu.com/5479-2/
reference_id USN-5479-2
reference_type
scores
url https://usn.ubuntu.com/5479-2/
fixed_packages
0
url pkg:deb/debian/php7.4@7.4.30-1%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.30-1%2Bdeb11u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.30-1%252Bdeb11u1%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2022-31626
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfbz-bzvk-xke4
62
url VCID-zjc4-mxte-f7hz
vulnerability_id VCID-zjc4-mxte-f7hz
summary 
Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7061.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7061.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7061
reference_id
reference_type
scores
0
value 0.02767
scoring_system epss
scoring_elements 0.85967
published_at 2026-04-01T12:55:00Z
1
value 0.02767
scoring_system epss
scoring_elements 0.85978
published_at 2026-04-02T12:55:00Z
2
value 0.02767
scoring_system epss
scoring_elements 0.85994
published_at 2026-04-07T12:55:00Z
3
value 0.02767
scoring_system epss
scoring_elements 0.86013
published_at 2026-04-08T12:55:00Z
4
value 0.02767
scoring_system epss
scoring_elements 0.86023
published_at 2026-04-09T12:55:00Z
5
value 0.02767
scoring_system epss
scoring_elements 0.86037
published_at 2026-04-11T12:55:00Z
6
value 0.02767
scoring_system epss
scoring_elements 0.86035
published_at 2026-04-12T12:55:00Z
7
value 0.02767
scoring_system epss
scoring_elements 0.8603
published_at 2026-04-13T12:55:00Z
8
value 0.02767
scoring_system epss
scoring_elements 0.86048
published_at 2026-04-16T12:55:00Z
9
value 0.02767
scoring_system epss
scoring_elements 0.86053
published_at 2026-04-18T12:55:00Z
10
value 0.02767
scoring_system epss
scoring_elements 0.86044
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7061
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1808529
reference_id 1808529
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1808529
3
reference_url https://security.gentoo.org/glsa/202003-57
reference_id GLSA-202003-57
reference_type
scores
url https://security.gentoo.org/glsa/202003-57
fixed_packages
0
url pkg:deb/debian/php7.4@0?distro=bullseye
purl pkg:deb/debian/php7.4@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye
1
url pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye
aliases CVE-2020-7061
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjc4-mxte-f7hz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye