Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/99366?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "type": "deb", "namespace": "debian", "name": "php8.2", "version": "8.2.31-1~deb12u1", "qualifiers": { "distro": "bookworm" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22664?format=api", "vulnerability_id": "VCID-2uxt-nqyw-7ye3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1735.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69733", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69633", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69723", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69736", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1735" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378689", "reference_id": "2378689", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378689" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3", "reference_id": "GHSA-hrwm-9436-5mv3", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:58:08Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23309", "reference_id": "RHSA-2025:23309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1409", "reference_id": "RHSA-2026:1409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1412", "reference_id": "RHSA-2026:1412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7648-1/", "reference_id": "USN-7648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-1/" }, { "reference_url": "https://usn.ubuntu.com/7648-2/", "reference_id": "USN-7648-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-2/" }, { "reference_url": "https://usn.ubuntu.com/7648-3/", "reference_id": "USN-7648-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99377?format=api", "purl": "pkg:deb/debian/php8.2@8.2.29-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.29-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1735" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2uxt-nqyw-7ye3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30090?format=api", "vulnerability_id": "VCID-3ssg-dz5x-w7h8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6722.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6722.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61356", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61248", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61353", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.6136", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6722" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468560", "reference_id": "2468560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468560" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5", "reference_id": "GHSA-85c2-q967-79q5", "reference_type": "", "scores": [ { "value": "9.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/RE:M/U:Red" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T13:08:41Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-6722" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ssg-dz5x-w7h8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22343?format=api", "vulnerability_id": "VCID-3v98-rqej-zqhq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57563", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57443", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57559", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57573", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8927" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317051", "reference_id": "2317051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317051" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp", "reference_id": "GHSA-94p6-54jq-9mwp", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:50:40Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp" }, { "reference_url": "https://security.gentoo.org/glsa/202501-11", "reference_id": "GLSA-202501-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10949", "reference_id": "RHSA-2024:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10950", "reference_id": "RHSA-2024:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10951", "reference_id": "RHSA-2024:10951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://usn.ubuntu.com/7049-1/", "reference_id": "USN-7049-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-1/" }, { "reference_url": "https://usn.ubuntu.com/7049-2/", "reference_id": "USN-7049-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-2/" }, { "reference_url": "https://usn.ubuntu.com/7049-3/", "reference_id": "USN-7049-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99375?format=api", "purl": "pkg:deb/debian/php8.2@8.2.24-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.24-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-8927" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3v98-rqej-zqhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22341?format=api", "vulnerability_id": "VCID-47f4-6bzb-cffp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01849", "scoring_system": "epss", "scoring_elements": "0.83477", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01849", "scoring_system": "epss", "scoring_elements": "0.83411", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01849", "scoring_system": "epss", "scoring_elements": "0.83471", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01849", "scoring_system": "epss", "scoring_elements": "0.8348", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8925" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317049", "reference_id": "2317049", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317049" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-9pqp-7h25-4f32", "reference_id": "GHSA-9pqp-7h25-4f32", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:56:50Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-9pqp-7h25-4f32" }, { "reference_url": "https://security.gentoo.org/glsa/202501-11", "reference_id": "GLSA-202501-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10949", "reference_id": "RHSA-2024:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10950", "reference_id": "RHSA-2024:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10951", "reference_id": "RHSA-2024:10951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://usn.ubuntu.com/7049-1/", "reference_id": "USN-7049-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-1/" }, { "reference_url": "https://usn.ubuntu.com/7049-2/", "reference_id": "USN-7049-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-2/" }, { "reference_url": "https://usn.ubuntu.com/7049-3/", "reference_id": "USN-7049-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99375?format=api", "purl": "pkg:deb/debian/php8.2@8.2.24-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.24-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-8925" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47f4-6bzb-cffp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30092?format=api", "vulnerability_id": "VCID-4dcy-f8uv-zkgn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6735.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24509", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24321", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24516", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24526", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6735" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468562", "reference_id": "2468562", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468562" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-7qg2-v9fj-4mwv", "reference_id": "GHSA-7qg2-v9fj-4mwv", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:P/S:P/AU:Y/RE:L/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:25:43Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-7qg2-v9fj-4mwv" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14125", "reference_id": "RHSA-2026:14125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22142", "reference_id": "RHSA-2026:22142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22143", "reference_id": "RHSA-2026:22143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22305", "reference_id": "RHSA-2026:22305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22649", "reference_id": "RHSA-2026:22649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23388", "reference_id": "RHSA-2026:23388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23388" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-6735" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dcy-f8uv-zkgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22512?format=api", "vulnerability_id": "VCID-4f1k-66mf-67ek", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.44132", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43971", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.44125", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.44143", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355917", "reference_id": "2355917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355917" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g", "reference_id": "GHSA-v8xr-gpvj-cx9g", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:A" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:23:16Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99376?format=api", "purl": "pkg:deb/debian/php8.2@8.2.28-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.28-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1217" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4f1k-66mf-67ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12002?format=api", "vulnerability_id": "VCID-5af1-a5dg-rfba", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74817", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74736", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74807", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.7482", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158791", "reference_id": "2158791", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158791" }, { "reference_url": "https://bugs.php.net/bug.php?id=81740", "reference_id": "bug.php?id=81740", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-13T16:06:19Z/" } ], "url": "https://bugs.php.net/bug.php?id=81740" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0848", "reference_id": "RHSA-2023:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0965", "reference_id": "RHSA-2023:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2417", "reference_id": "RHSA-2023:2417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2903", "reference_id": "RHSA-2023:2903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2903" }, { "reference_url": "https://usn.ubuntu.com/5818-1/", "reference_id": "USN-5818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5818-1/" }, { "reference_url": "https://usn.ubuntu.com/5905-1/", "reference_id": "USN-5905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5905-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99367?format=api", "purl": "pkg:deb/debian/php8.2@8.2.1-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.1-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-31631" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5af1-a5dg-rfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13060?format=api", "vulnerability_id": "VCID-5enc-sfwh-aug6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20361", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20538", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20559", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20536", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4900" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179880", "reference_id": "2179880", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0848", "reference_id": "RHSA-2023:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0848" }, { "reference_url": "https://usn.ubuntu.com/6757-1/", "reference_id": "USN-6757-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6757-1/" }, { "reference_url": "https://usn.ubuntu.com/6757-2/", "reference_id": "USN-6757-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6757-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-4900" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5enc-sfwh-aug6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22513?format=api", "vulnerability_id": "VCID-5py5-2rfc-hyen", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2595", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2615", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26164", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356043", "reference_id": "2356043", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356043" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc", "reference_id": "GHSA-p3x9-6h7p-cgfc", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:10:21Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99376?format=api", "purl": "pkg:deb/debian/php8.2@8.2.28-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.28-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1219" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5py5-2rfc-hyen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30116?format=api", "vulnerability_id": "VCID-651b-43uu-2fep", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7262.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7262.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7262", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32683", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32503", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32684", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32706", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7262" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7262", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7262" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468565", "reference_id": "2468565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468565" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv", "reference_id": "GHSA-hmxp-6pc4-f3vv", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/AU:Y/RE:M/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:14:44Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22142", "reference_id": "RHSA-2026:22142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22143", "reference_id": "RHSA-2026:22143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22305", "reference_id": "RHSA-2026:22305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22649", "reference_id": "RHSA-2026:22649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23388", "reference_id": "RHSA-2026:23388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23388" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-7262" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-651b-43uu-2fep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18054?format=api", "vulnerability_id": "VCID-689c-96hs-5bdm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11233.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11233.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.73185", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.73094", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.73171", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.73187", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11233" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688", "reference_id": "1088688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328521", "reference_id": "2328521", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328521" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43", "reference_id": "GHSA-r977-prxv-hc43", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-24T12:32:59Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7157-1/", "reference_id": "USN-7157-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-1/" }, { "reference_url": "https://usn.ubuntu.com/7157-3/", "reference_id": "USN-7157-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99372?format=api", "purl": "pkg:deb/debian/php8.2@8.2.26-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.26-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-11233" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-689c-96hs-5bdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20541?format=api", "vulnerability_id": "VCID-6bm4-gsbj-3bdj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4577.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4577.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94374", "scoring_system": "epss", "scoring_elements": "0.99967", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4577" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/07/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1" }, { "reference_url": "https://github.com/rapid7/metasploit-framework/pull/19247", "reference_id": "19247", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/rapid7/metasploit-framework/pull/19247" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291281", "reference_id": "2291281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291281" }, { "reference_url": "https://isc.sans.edu/diary/30994", "reference_id": "30994", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://isc.sans.edu/diary/30994" }, { "reference_url": "https://www.php.net/ChangeLog-8.php#8.1.29", "reference_id": "ChangeLog-8.php#8.1.29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.php.net/ChangeLog-8.php#8.1.29" }, { "reference_url": "https://www.php.net/ChangeLog-8.php#8.2.20", "reference_id": "ChangeLog-8.php#8.2.20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.php.net/ChangeLog-8.php#8.2.20" }, { "reference_url": "https://www.php.net/ChangeLog-8.php#8.3.8", "reference_id": "ChangeLog-8.php#8.3.8", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.php.net/ChangeLog-8.php#8.3.8" }, { "reference_url": "https://github.com/11whoami99/CVE-2024-4577", "reference_id": "CVE-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/11whoami99/CVE-2024-4577" }, { "reference_url": "https://github.com/watchtowrlabs/CVE-2024-4577", "reference_id": "CVE-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/watchtowrlabs/CVE-2024-4577" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52331.py", "reference_id": "CVE-2024-4577", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52331.py" }, { "reference_url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE", "reference_id": "CVE-2024-4577-PHP-RCE", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE" }, { "reference_url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html", "reference_id": "cve-2024-4577-yet-another-php-rce.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv", "reference_id": "GHSA-3qgc-jrrr-25jv", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/", "reference_id": "imperva-protects-against-critical-php-vulnerability-cve-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/" }, { "reference_url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/", "reference_id": "no-way-php-strikes-again-cve-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0008/", "reference_id": "ntap-20240621-0008", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0008/" }, { "reference_url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/", "reference_id": "php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/", "reference_id": "PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/" }, { "reference_url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/", "reference_id": "security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "reference_id": "W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" }, { "reference_url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately", "reference_id": "warning-php-remote-code-execution-patch-immediately", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-4577" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bm4-gsbj-3bdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22597?format=api", "vulnerability_id": "VCID-adsg-f7zt-4yf4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14179.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22981", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22796", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22992", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.23003", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14179" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468567", "reference_id": "2468567", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468567" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-w476-322c-wpvm", "reference_id": "GHSA-w476-322c-wpvm", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/AU:Y/RE:M/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T15:23:23Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-w476-322c-wpvm" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-14179" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-adsg-f7zt-4yf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15661?format=api", "vulnerability_id": "VCID-ba8n-wjc7-f7c9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3823.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3823.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.59114", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00644", "scoring_system": "epss", "scoring_elements": "0.71161", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00644", "scoring_system": "epss", "scoring_elements": "0.71251", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00644", "scoring_system": "epss", "scoring_elements": "0.71264", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477", "reference_id": "1043477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229396", "reference_id": "2229396", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229396" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5926", "reference_id": "RHSA-2023:5926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5927", "reference_id": "RHSA-2023:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0387", "reference_id": "RHSA-2024:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://usn.ubuntu.com/6305-1/", "reference_id": "USN-6305-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6305-1/" }, { "reference_url": "https://usn.ubuntu.com/6305-2/", "reference_id": "USN-6305-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6305-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99371?format=api", "purl": "pkg:deb/debian/php8.2@8.2.18-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.18-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-3823" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ba8n-wjc7-f7c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22344?format=api", "vulnerability_id": "VCID-bfzx-yj73-wkhb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71749", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71652", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71738", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71751", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8929" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688", "reference_id": "1088688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327960", "reference_id": "2327960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327960" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678", "reference_id": "GHSA-h35g-vwh6-m678", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-22T17:37:12Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7157-1/", "reference_id": "USN-7157-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-1/" }, { "reference_url": "https://usn.ubuntu.com/7157-3/", "reference_id": "USN-7157-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99372?format=api", "purl": "pkg:deb/debian/php8.2@8.2.26-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.26-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-8929" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfzx-yj73-wkhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22671?format=api", "vulnerability_id": "VCID-bn76-aa8p-yya7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0103", "scoring_system": "epss", "scoring_elements": "0.77823", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0103", "scoring_system": "epss", "scoring_elements": "0.77749", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0103", "scoring_system": "epss", "scoring_elements": "0.77818", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0103", "scoring_system": "epss", "scoring_elements": "0.77831", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1861" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356046", "reference_id": "2356046", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356046" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff", "reference_id": "GHSA-52jp-hrpf-2jff", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-31T12:55:53Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99376?format=api", "purl": "pkg:deb/debian/php8.2@8.2.28-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.28-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1861" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn76-aa8p-yya7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19026?format=api", "vulnerability_id": "VCID-d56m-y1k3-bkeb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3096.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.7814", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.78216", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.78221", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.78208", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/12/11", "reference_id": "11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275061", "reference_id": "2275061", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275061" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr", "reference_id": "GHSA-h746-cjrr-wfmr", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240510-0010/", "reference_id": "ntap-20240510-0010", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-29T15:14:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240510-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10949", "reference_id": "RHSA-2024:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10950", "reference_id": "RHSA-2024:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10951", "reference_id": "RHSA-2024:10951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://usn.ubuntu.com/6757-1/", "reference_id": "USN-6757-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6757-1/" }, { "reference_url": "https://usn.ubuntu.com/6757-2/", "reference_id": "USN-6757-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6757-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99371?format=api", "purl": "pkg:deb/debian/php8.2@8.2.18-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.18-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-3096" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d56m-y1k3-bkeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22663?format=api", "vulnerability_id": "VCID-d7tu-cwkf-3ket", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1734.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00757", "scoring_system": "epss", "scoring_elements": "0.73828", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00757", "scoring_system": "epss", "scoring_elements": "0.73739", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00757", "scoring_system": "epss", "scoring_elements": "0.73813", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00757", "scoring_system": "epss", "scoring_elements": "0.73829", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1734" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356042", "reference_id": "2356042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356042" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44", "reference_id": "GHSA-pcmh-g36c-qc44", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T14:21:51Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99376?format=api", "purl": "pkg:deb/debian/php8.2@8.2.28-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.28-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1734" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7tu-cwkf-3ket" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30115?format=api", "vulnerability_id": "VCID-dh7h-wfrt-fug7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7261.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7261.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7261", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28224", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.2801", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28209", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28232", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7261" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7261", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7261" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468563", "reference_id": "2468563", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468563" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q", "reference_id": "GHSA-m33r-qmcv-p97q", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:P/AU:Y/RE:M/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:14:14Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-7261" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dh7h-wfrt-fug7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18285?format=api", "vulnerability_id": "VCID-dhnw-g4qe-w3gd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.4917", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49313", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49326", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49308", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270358", "reference_id": "2270358", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270358" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-hh26-4ppw-5864", "reference_id": "GHSA-hh26-4ppw-5864", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-14T13:58:06Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-hh26-4ppw-5864" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/", "reference_id": "PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-14T13:58:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7877", "reference_id": "RHSA-2023:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7877" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "reference_id": "W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-14T13:58:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99373?format=api", "purl": "pkg:deb/debian/php8.2@8.2.18-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.18-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-2408" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dhnw-g4qe-w3gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22342?format=api", "vulnerability_id": "VCID-eesn-v94u-sqhg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86293", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86235", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86285", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86296", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8926" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317050", "reference_id": "2317050", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317050" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-p99j-rfp4-xqvq", "reference_id": "GHSA-p99j-rfp4-xqvq", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T12:55:27Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-p99j-rfp4-xqvq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99375?format=api", "purl": "pkg:deb/debian/php8.2@8.2.24-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.24-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-8926" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eesn-v94u-sqhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18055?format=api", "vulnerability_id": "VCID-epbz-7qd7-xuas", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11234.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11234.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.79011", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78934", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78999", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.79013", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11234" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11234", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11234" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688", "reference_id": "1088688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328523", "reference_id": "2328523", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328523" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2", "reference_id": "GHSA-c5f2-jwm7-mmq2", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-24T12:32:39Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7157-1/", "reference_id": "USN-7157-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-1/" }, { "reference_url": "https://usn.ubuntu.com/7157-3/", "reference_id": "USN-7157-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99372?format=api", "purl": "pkg:deb/debian/php8.2@8.2.26-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.26-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-11234" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-epbz-7qd7-xuas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22517?format=api", "vulnerability_id": "VCID-f5jb-qpkv-9yac", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1220.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1220.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1220", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36413", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3622", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36399", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36424", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379792", "reference_id": "2379792", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379792" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r", "reference_id": "GHSA-3cr5-j632-f35r", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:58:46Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23309", "reference_id": "RHSA-2025:23309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1409", "reference_id": "RHSA-2026:1409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1412", "reference_id": "RHSA-2026:1412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7648-1/", "reference_id": "USN-7648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-1/" }, { "reference_url": "https://usn.ubuntu.com/7648-2/", "reference_id": "USN-7648-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99377?format=api", "purl": "pkg:deb/debian/php8.2@8.2.29-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.29-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1220" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f5jb-qpkv-9yac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22665?format=api", "vulnerability_id": "VCID-fspr-yckc-6ke9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00546", "scoring_system": "epss", "scoring_elements": "0.6836", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00546", "scoring_system": "epss", "scoring_elements": "0.68265", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00546", "scoring_system": "epss", "scoring_elements": "0.68352", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00546", "scoring_system": "epss", "scoring_elements": "0.68365", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1736" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356041", "reference_id": "2356041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356041" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528", "reference_id": "GHSA-hgf5-96fm-v528", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T12:57:12Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99376?format=api", "purl": "pkg:deb/debian/php8.2@8.2.28-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.28-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-1736" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fspr-yckc-6ke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30040?format=api", "vulnerability_id": "VCID-g9tf-2zgk-jbgp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6104.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6104.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08588", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0863", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08633", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6104" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468573", "reference_id": "2468573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468573" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-74r9-qxhc-fx53", "reference_id": "GHSA-74r9-qxhc-fx53", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/RE:M/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:04:44Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-74r9-qxhc-fx53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22649", "reference_id": "RHSA-2026:22649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22649" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-6104" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g9tf-2zgk-jbgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21727?format=api", "vulnerability_id": "VCID-h1fk-z7jg-vqcn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5585.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5585.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75705", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75783", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75788", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75775", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5585" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/07/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291311", "reference_id": "2291311", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291311" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385", "reference_id": "GHSA-9fcc-425m-g385", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240726-0002/", "reference_id": "ntap-20240726-0002", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240726-0002/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/", "reference_id": "PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "reference_id": "W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-16T17:52:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-5585" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1fk-z7jg-vqcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30117?format=api", "vulnerability_id": "VCID-hr3d-3y4w-x7cc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7263.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7263.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17642", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17489", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17651", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17668", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7263" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468572", "reference_id": "2468572", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468572" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-4jhr-8w89-j733", "reference_id": "GHSA-4jhr-8w89-j733", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/AU:Y/RE:M/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:04:22Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-4jhr-8w89-j733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22649", "reference_id": "RHSA-2026:22649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22649" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-7263" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hr3d-3y4w-x7cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22595?format=api", "vulnerability_id": "VCID-hyz6-r1kf-r7av", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06438", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0645", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06469", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06458", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14177" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574", "reference_id": "1123574", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425626", "reference_id": "2425626", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425626" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7", "reference_id": "GHSA-3237-qqm7-mfv7", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:01:25Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1409", "reference_id": "RHSA-2026:1409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1412", "reference_id": "RHSA-2026:1412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1429", "reference_id": "RHSA-2026:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1628", "reference_id": "RHSA-2026:1628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2799", "reference_id": "RHSA-2026:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7614", "reference_id": "RHSA-2026:7614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7614" }, { "reference_url": "https://usn.ubuntu.com/7953-1/", "reference_id": "USN-7953-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7953-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99378?format=api", "purl": "pkg:deb/debian/php8.2@8.2.30-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.30-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-14177" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hyz6-r1kf-r7av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18057?format=api", "vulnerability_id": "VCID-kbzn-jfrr-2bcv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11236.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11236.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63895", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63782", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63884", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63897", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11236" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11236", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11236" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688", "reference_id": "1088688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328522", "reference_id": "2328522", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328522" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv", "reference_id": "GHSA-5hqh-c84r-qjcv", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-24T12:32:23Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv" }, { "reference_url": "https://usn.ubuntu.com/7153-1/", "reference_id": "USN-7153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7153-1/" }, { "reference_url": "https://usn.ubuntu.com/7157-1/", "reference_id": "USN-7157-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99372?format=api", "purl": "pkg:deb/debian/php8.2@8.2.26-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.26-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-11236" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbzn-jfrr-2bcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15496?format=api", "vulnerability_id": "VCID-kx3n-msjn-fkaj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3247.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3247.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3247", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.5526", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55136", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55256", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55272", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3247" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219290", "reference_id": "2219290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219290" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw", "reference_id": "GHSA-76gg-c692-v2mw", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T19:41:48Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5926", "reference_id": "RHSA-2023:5926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5927", "reference_id": "RHSA-2023:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0387", "reference_id": "RHSA-2024:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://usn.ubuntu.com/6199-1/", "reference_id": "USN-6199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6199-1/" }, { "reference_url": "https://usn.ubuntu.com/6199-2/", "reference_id": "USN-6199-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6199-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99370?format=api", "purl": "pkg:deb/debian/php8.2@8.2.7-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.7-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-3247" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kx3n-msjn-fkaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21710?format=api", "vulnerability_id": "VCID-m8mg-192p-sya9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03579", "scoring_system": "epss", "scoring_elements": "0.88011", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03579", "scoring_system": "epss", "scoring_elements": "0.88056", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.03579", "scoring_system": "epss", "scoring_elements": "0.88058", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03579", "scoring_system": "epss", "scoring_elements": "0.88051", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/07/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072885", "reference_id": "1072885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072885" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291252", "reference_id": "2291252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291252" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w", "reference_id": "GHSA-w8qr-v226-r27w", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html", "reference_id": "msg00009.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240726-0001/", "reference_id": "ntap-20240726-0001", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240726-0001/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/", "reference_id": "PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10949", "reference_id": "RHSA-2024:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10950", "reference_id": "RHSA-2024:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10951", "reference_id": "RHSA-2024:10951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://usn.ubuntu.com/6841-1/", "reference_id": "USN-6841-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6841-1/" }, { "reference_url": "https://usn.ubuntu.com/6841-2/", "reference_id": "USN-6841-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6841-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "reference_id": "W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99374?format=api", "purl": "pkg:deb/debian/php8.2@8.2.20-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.20-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-5458" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8mg-192p-sya9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30113?format=api", "vulnerability_id": "VCID-nebp-9kuy-d3cf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7258.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7258.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08946", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08908", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08952", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08957", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7258" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7258", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7258" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468561", "reference_id": "2468561", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468561" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-m8rr-4c36-8gq4", "reference_id": "GHSA-m8rr-4c36-8gq4", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:05:55Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-m8rr-4c36-8gq4" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14125", "reference_id": "RHSA-2026:14125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22142", "reference_id": "RHSA-2026:22142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22143", "reference_id": "RHSA-2026:22143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22305", "reference_id": "RHSA-2026:22305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22649", "reference_id": "RHSA-2026:22649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23388", "reference_id": "RHSA-2026:23388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23388" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-7258" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nebp-9kuy-d3cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15662?format=api", "vulnerability_id": "VCID-nhbh-yqa8-hycg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31766", "scoring_system": "epss", "scoring_elements": "0.96914", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.31766", "scoring_system": "epss", "scoring_elements": "0.96925", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.31766", "scoring_system": "epss", "scoring_elements": "0.96928", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.3438", "scoring_system": "epss", "scoring_elements": "0.97111", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477", "reference_id": "1043477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043477" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230101", "reference_id": "2230101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230101" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5926", "reference_id": "RHSA-2023:5926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5927", "reference_id": "RHSA-2023:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0387", "reference_id": "RHSA-2024:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://usn.ubuntu.com/6305-1/", "reference_id": "USN-6305-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6305-1/" }, { "reference_url": "https://usn.ubuntu.com/6305-2/", "reference_id": "USN-6305-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6305-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99371?format=api", "purl": "pkg:deb/debian/php8.2@8.2.18-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.18-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-3824" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhbh-yqa8-hycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22596?format=api", "vulnerability_id": "VCID-qax3-zeeb-qbdb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14178.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14178.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06668", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06675", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06696", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06685", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14178" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574", "reference_id": "1123574", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425625", "reference_id": "2425625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425625" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2", "reference_id": "GHSA-h96m-rvf9-jgm2", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-29T16:00:50Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1169", "reference_id": "RHSA-2026:1169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1185", "reference_id": "RHSA-2026:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1187", "reference_id": "RHSA-2026:1187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1190", "reference_id": "RHSA-2026:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1409", "reference_id": "RHSA-2026:1409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1412", "reference_id": "RHSA-2026:1412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1429", "reference_id": "RHSA-2026:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1628", "reference_id": "RHSA-2026:1628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2799", "reference_id": "RHSA-2026:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4077", "reference_id": "RHSA-2026:4077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4086", "reference_id": "RHSA-2026:4086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4212", "reference_id": "RHSA-2026:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4266", "reference_id": "RHSA-2026:4266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4507", "reference_id": "RHSA-2026:4507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4514", "reference_id": "RHSA-2026:4514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4517", "reference_id": "RHSA-2026:4517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7614", "reference_id": "RHSA-2026:7614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7614" }, { "reference_url": "https://usn.ubuntu.com/7953-1/", "reference_id": "USN-7953-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7953-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99378?format=api", "purl": "pkg:deb/debian/php8.2@8.2.30-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.30-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-14178" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qax3-zeeb-qbdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18940?format=api", "vulnerability_id": "VCID-rync-fppv-qygt", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2757.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2757.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70672", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70772", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70774", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70762", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2757" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/12/11", "reference_id": "11", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T11:27:03Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275068", "reference_id": "2275068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275068" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq", "reference_id": "GHSA-fjp9-9hwx-59fq", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T11:27:03Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240510-0011/", "reference_id": "ntap-20240510-0011", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T11:27:03Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240510-0011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-2757" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rync-fppv-qygt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14923?format=api", "vulnerability_id": "VCID-sqwm-1ktp-uyhc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0662.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47736", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.476", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.4774", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47756", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368", "reference_id": "1031368", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170761", "reference_id": "2170761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170761" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv", "reference_id": "GHSA-54hq-v5wp-fqgv", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T14:57:39Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230517-0001/", "reference_id": "ntap-20230517-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T14:57:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230517-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5926", "reference_id": "RHSA-2023:5926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5927", "reference_id": "RHSA-2023:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0387", "reference_id": "RHSA-2024:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0387" }, { "reference_url": "https://usn.ubuntu.com/5902-1/", "reference_id": "USN-5902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5902-1/" }, { "reference_url": "https://usn.ubuntu.com/5905-1/", "reference_id": "USN-5905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5905-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99369?format=api", "purl": "pkg:deb/debian/php8.2@8.2.4-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.4-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-0662" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqwm-1ktp-uyhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18939?format=api", "vulnerability_id": "VCID-sqxx-x7pj-dfgf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08698", "scoring_system": "epss", "scoring_elements": "0.92669", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.08698", "scoring_system": "epss", "scoring_elements": "0.92696", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.08698", "scoring_system": "epss", "scoring_elements": "0.92693", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/12/11", "reference_id": "11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275058", "reference_id": "2275058", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275058" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4", "reference_id": "GHSA-wpj3-hf5j-x4v4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00005.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240510-0008/", "reference_id": "ntap-20240510-0008", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T17:19:19Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240510-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10949", "reference_id": "RHSA-2024:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10950", "reference_id": "RHSA-2024:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10951", "reference_id": "RHSA-2024:10951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://usn.ubuntu.com/6757-1/", "reference_id": "USN-6757-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6757-1/" }, { "reference_url": "https://usn.ubuntu.com/6757-2/", "reference_id": "USN-6757-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6757-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99371?format=api", "purl": "pkg:deb/debian/php8.2@8.2.18-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.18-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-2756" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqxx-x7pj-dfgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14916?format=api", "vulnerability_id": "VCID-sw6m-y31e-jbak", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0568.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0568.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66796", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.69041", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.69133", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.69145", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368", "reference_id": "1031368", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170770", "reference_id": "2170770", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170770" }, { "reference_url": "https://bugs.php.net/bug.php?id=81746", "reference_id": "bug.php?id=81746", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:56:58Z/" } ], "url": "https://bugs.php.net/bug.php?id=81746" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230517-0001/", "reference_id": "ntap-20230517-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:56:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230517-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5926", "reference_id": "RHSA-2023:5926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5927", "reference_id": "RHSA-2023:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0387", "reference_id": "RHSA-2024:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://usn.ubuntu.com/5902-1/", "reference_id": "USN-5902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5902-1/" }, { "reference_url": "https://usn.ubuntu.com/5905-1/", "reference_id": "USN-5905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5905-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99369?format=api", "purl": "pkg:deb/debian/php8.2@8.2.4-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.4-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-0568" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sw6m-y31e-jbak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22347?format=api", "vulnerability_id": "VCID-tzm5-dtk1-kbf2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9026.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71839", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71743", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71828", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71842", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317144", "reference_id": "2317144", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317144" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5", "reference_id": "GHSA-865w-9rf3-2wh5", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T12:47:58Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5" }, { "reference_url": "https://security.gentoo.org/glsa/202501-11", "reference_id": "GLSA-202501-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10949", "reference_id": "RHSA-2024:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10950", "reference_id": "RHSA-2024:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10951", "reference_id": "RHSA-2024:10951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7315", "reference_id": "RHSA-2025:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7315" }, { "reference_url": "https://usn.ubuntu.com/7049-1/", "reference_id": "USN-7049-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7049-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99375?format=api", "purl": "pkg:deb/debian/php8.2@8.2.24-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.24-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-9026" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzm5-dtk1-kbf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25866?format=api", "vulnerability_id": "VCID-u318-k8bh-7fft", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00772", "scoring_system": "epss", "scoring_elements": "0.741", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00772", "scoring_system": "epss", "scoring_elements": "0.74015", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00772", "scoring_system": "epss", "scoring_elements": "0.74087", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00772", "scoring_system": "epss", "scoring_elements": "0.74102", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6491" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378690", "reference_id": "2378690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378690" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x", "reference_id": "GHSA-453j-q27h-5p8x", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T15:59:51Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23309", "reference_id": "RHSA-2025:23309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1409", "reference_id": "RHSA-2026:1409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1412", "reference_id": "RHSA-2026:1412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7648-1/", "reference_id": "USN-7648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-1/" }, { "reference_url": "https://usn.ubuntu.com/7648-2/", "reference_id": "USN-7648-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7648-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99377?format=api", "purl": "pkg:deb/debian/php8.2@8.2.29-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.29-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-6491" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u318-k8bh-7fft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22345?format=api", "vulnerability_id": "VCID-vdyy-rujw-yyca", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57787", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57665", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57781", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57797", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688", "reference_id": "1088688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327961", "reference_id": "2327961", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327961" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff", "reference_id": "GHSA-g665-fm4p-vhff", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-22T17:41:35Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff" }, { "reference_url": "https://usn.ubuntu.com/7157-1/", "reference_id": "USN-7157-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-1/" }, { "reference_url": "https://usn.ubuntu.com/7157-2/", "reference_id": "USN-7157-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-2/" }, { "reference_url": "https://usn.ubuntu.com/7157-3/", "reference_id": "USN-7157-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7157-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99372?format=api", "purl": "pkg:deb/debian/php8.2@8.2.26-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.26-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-8932" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vdyy-rujw-yyca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30114?format=api", "vulnerability_id": "VCID-vqj5-8fm8-bygm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7259.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7259.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25948", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2575", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2595", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25966", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7259" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468564", "reference_id": "2468564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468564" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-wm6j-2649-pv75", "reference_id": "GHSA-wm6j-2649-pv75", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/AU:Y/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:12:58Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-wm6j-2649-pv75" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23388", "reference_id": "RHSA-2026:23388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23388" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-7259" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vqj5-8fm8-bygm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30124?format=api", "vulnerability_id": "VCID-w2qz-sqkf-fuet", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7568.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7568.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27105", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.269", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27102", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2712", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7568" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054", "reference_id": "1136054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468566", "reference_id": "2468566", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468566" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-96wq-48vp-hh57", "reference_id": "GHSA-96wq-48vp-hh57", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/RE:L/U:Amber" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T13:25:08Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-96wq-48vp-hh57" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22142", "reference_id": "RHSA-2026:22142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22143", "reference_id": "RHSA-2026:22143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22305", "reference_id": "RHSA-2026:22305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22649", "reference_id": "RHSA-2026:22649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23388", "reference_id": "RHSA-2026:23388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23388" }, { "reference_url": "https://usn.ubuntu.com/8336-1/", "reference_id": "USN-8336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8336-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-7568" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2qz-sqkf-fuet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22598?format=api", "vulnerability_id": "VCID-wx9a-y5ng-y3fc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14180.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17947", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17797", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17956", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17972", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574", "reference_id": "1123574", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123574" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425627", "reference_id": "2425627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425627" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-8xr5-qppj-gvwj", "reference_id": "GHSA-8xr5-qppj-gvwj", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-29T15:59:59Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-8xr5-qppj-gvwj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1169", "reference_id": "RHSA-2026:1169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1185", "reference_id": "RHSA-2026:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1187", "reference_id": "RHSA-2026:1187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1190", "reference_id": "RHSA-2026:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1409", "reference_id": "RHSA-2026:1409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1412", "reference_id": "RHSA-2026:1412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1429", "reference_id": "RHSA-2026:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1628", "reference_id": "RHSA-2026:1628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3713", "reference_id": "RHSA-2026:3713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7614", "reference_id": "RHSA-2026:7614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7614" }, { "reference_url": "https://usn.ubuntu.com/7953-1/", "reference_id": "USN-7953-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7953-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99378?format=api", "purl": "pkg:deb/debian/php8.2@8.2.30-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.30-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-14180" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wx9a-y5ng-y3fc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54120?format=api", "vulnerability_id": "VCID-ym5w-1qad-muht", "summary": "In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1874.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.68573", "scoring_system": "epss", "scoring_elements": "0.98636", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.68573", "scoring_system": "epss", "scoring_elements": "0.98643", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.68573", "scoring_system": "epss", "scoring_elements": "0.98641", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1874" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/07/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/12/11", "reference_id": "11", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267262", "reference_id": "2267262", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267262" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7", "reference_id": "GHSA-pc52-254m-w9w7", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240510-0009/", "reference_id": "ntap-20240510-0009", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240510-0009/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/", "reference_id": "PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "reference_id": "W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-29T13:05:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99368?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-1874" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ym5w-1qad-muht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14915?format=api", "vulnerability_id": "VCID-z2ru-gye7-wyhz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.3793", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40312", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40288", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.4012", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368", "reference_id": "1031368", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170771", "reference_id": "2170771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170771" }, { "reference_url": "https://bugs.php.net/bug.php?id=81744", "reference_id": "bug.php?id=81744", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-01T15:34:47Z/" } ], "url": "https://bugs.php.net/bug.php?id=81744" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4", "reference_id": "GHSA-7fj2-8x79-rjf4", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-01T15:34:47Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5926", "reference_id": "RHSA-2023:5926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5927", "reference_id": "RHSA-2023:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0387", "reference_id": "RHSA-2024:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10952", "reference_id": "RHSA-2024:10952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10952" }, { "reference_url": "https://usn.ubuntu.com/5902-1/", "reference_id": "USN-5902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5902-1/" }, { "reference_url": "https://usn.ubuntu.com/6053-1/", "reference_id": "USN-6053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99369?format=api", "purl": "pkg:deb/debian/php8.2@8.2.4-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.4-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/99366?format=api", "purl": "pkg:deb/debian/php8.2@8.2.31-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-0567" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2ru-gye7-wyhz" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.31-1~deb12u1%3Fdistro=bookworm" }