{"url":"http://public2.vulnerablecode.io/api/packages/130051?format=json","purl":"pkg:rpm/redhat/php@4.3.9-3?arch=18","type":"rpm","namespace":"redhat","name":"php","version":"4.3.9-3","qualifiers":{"arch":"18"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88844?format=json","vulnerability_id":"VCID-2bcm-xg5v-kyaw","summary":"gd: GIF handling buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4484.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4484.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4484","reference_id":"","reference_type":"","scores":[{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91011","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91015","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91025","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91034","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91046","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91085","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91087","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91101","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91099","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06436","scoring_system":"epss","scoring_elements":"0.91094","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384838","reference_id":"384838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384838"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384841","reference_id":"384841","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384841"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=431568","reference_id":"431568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=431568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0669","reference_id":"RHSA-2006:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0688","reference_id":"RHSA-2006:0688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0146","reference_id":"RHSA-2008:0146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0146"},{"reference_url":"https://usn.ubuntu.com/342-1/","reference_id":"USN-342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/342-1/"}],"fixed_packages":[],"aliases":["CVE-2006-4484"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bcm-xg5v-kyaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88878?format=json","vulnerability_id":"VCID-7zyb-dpgp-abhy","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3016.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3016","reference_id":"","reference_type":"","scores":[{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91234","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91239","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91248","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91255","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91268","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91274","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91284","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91309","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91308","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.9131","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.9132","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0674","scoring_system":"epss","scoring_elements":"0.91318","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3016"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618130","reference_id":"1618130","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0669","reference_id":"RHSA-2006:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0682","reference_id":"RHSA-2006:0682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0736","reference_id":"RHSA-2006:0736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0736"},{"reference_url":"https://usn.ubuntu.com/320-1/","reference_id":"USN-320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/320-1/"}],"fixed_packages":[],"aliases":["CVE-2006-3016"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zyb-dpgp-abhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88834?format=json","vulnerability_id":"VCID-m23p-1fg5-xqe2","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4482.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4482","reference_id":"","reference_type":"","scores":[{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88547","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88556","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88573","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88595","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88599","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88604","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88618","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88615","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88612","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88628","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88633","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04104","scoring_system":"epss","scoring_elements":"0.88632","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4482"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618186","reference_id":"1618186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0669","reference_id":"RHSA-2006:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0682","reference_id":"RHSA-2006:0682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0688","reference_id":"RHSA-2006:0688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0688"},{"reference_url":"https://usn.ubuntu.com/342-1/","reference_id":"USN-342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/342-1/"}],"fixed_packages":[],"aliases":["CVE-2006-4482"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m23p-1fg5-xqe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88832?format=json","vulnerability_id":"VCID-nqjb-dpv9-bkex","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4486.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4486.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4486","reference_id":"","reference_type":"","scores":[{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80866","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80895","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80923","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80932","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80948","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80934","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80925","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.8096","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80961","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80963","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80983","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80992","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.81003","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4486"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618188","reference_id":"1618188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0669","reference_id":"RHSA-2006:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0682","reference_id":"RHSA-2006:0682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0688","reference_id":"RHSA-2006:0688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0688"},{"reference_url":"https://usn.ubuntu.com/362-1/","reference_id":"USN-362-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/362-1/"}],"fixed_packages":[],"aliases":["CVE-2006-4486"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqjb-dpv9-bkex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48882?format=json","vulnerability_id":"VCID-p819-ynn1-u3ht","summary":"PHP contains a function that, when used, could allow a remote attacker to\n    execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4020.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4020","reference_id":"","reference_type":"","scores":[{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90519","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90522","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90533","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.9054","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90558","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90566","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.9056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90577","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90575","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.9059","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0586","scoring_system":"epss","scoring_elements":"0.90586","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4020"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618174","reference_id":"1618174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618174"},{"reference_url":"https://security.gentoo.org/glsa/200608-28","reference_id":"GLSA-200608-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-28"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/2193.php","reference_id":"OSVDB-28000;CVE-2006-4020;OSVDB-27824","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/2193.php"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0669","reference_id":"RHSA-2006:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0682","reference_id":"RHSA-2006:0682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0688","reference_id":"RHSA-2006:0688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0736","reference_id":"RHSA-2006:0736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0736"},{"reference_url":"https://usn.ubuntu.com/342-1/","reference_id":"USN-342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/342-1/"}],"fixed_packages":[],"aliases":["CVE-2006-4020"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p819-ynn1-u3ht"}],"fixing_vulnerabilities":[],"risk_score":"0.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3%3Farch=18"}