Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/175388?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/175388?format=api", "purl": "pkg:rpm/redhat/php55-php@5.5.6-13?arch=el6", "type": "rpm", "namespace": "redhat", "name": "php55-php", "version": "5.5.6-13", "qualifiers": { "arch": "el6" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67898?format=api", "vulnerability_id": "VCID-1s3x-b1vy-qyef", "summary": "file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33041", "scoring_system": "epss", "scoring_elements": "0.96988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.33041", "scoring_system": "epss", "scoring_elements": "0.96992", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098222", "reference_id": "1098222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3538" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1s3x-b1vy-qyef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67894?format=api", "vulnerability_id": "VCID-2873-ph57-vqhd", "summary": "Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37602", "scoring_system": "epss", "scoring_elements": "0.97279", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.37602", "scoring_system": "epss", "scoring_elements": "0.97283", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "001553.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104863", "reference_id": "1104863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104863" }, { "reference_url": "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08", "reference_id": "27a14bc7ba285a0a5ebfdb55e54001aa11932b08", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "59794", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "59831", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "http://www.securityfocus.com/bid/68239", "reference_id": "68239", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.securityfocus.com/bid/68239" }, { "reference_url": "https://bugs.php.net/bug.php?id=67410", "reference_id": "bug.php?id=67410", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "https://bugs.php.net/bug.php?id=67410" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "ChangeLog-5.php", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "dsa-2974", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "dsa-3021", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "HT204659", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "HT6443", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "msg00046.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html", "reference_id": "RHSA-2014-1327.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "RHSA-2014-1765.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "RHSA-2014-1766.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3478" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2873-ph57-vqhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114212?format=api", "vulnerability_id": "VCID-2c9a-8dmq-a7e4", "summary": "php: SPL Iterators use-after-free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4670.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4670.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65919", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65972", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120266", "reference_id": "1120266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120266" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1326", "reference_id": "RHSA-2014:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-4670" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2c9a-8dmq-a7e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114026?format=api", "vulnerability_id": "VCID-2hx7-yt6y-6yfu", "summary": "php: heap corruption issue in exif_thumbnail()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3670.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3670.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35086", "scoring_system": "epss", "scoring_elements": "0.97121", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.35086", "scoring_system": "epss", "scoring_elements": "0.97125", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154502", "reference_id": "1154502", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154502" }, { "reference_url": "https://security.gentoo.org/glsa/201411-04", "reference_id": "GLSA-201411-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1767", "reference_id": "RHSA-2014:1767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1768", "reference_id": "RHSA-2014:1768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1824", "reference_id": "RHSA-2014:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0021", "reference_id": "RHSA-2015:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0021" }, { "reference_url": "https://usn.ubuntu.com/2391-1/", "reference_id": "USN-2391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2391-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3670" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hx7-yt6y-6yfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76116?format=api", "vulnerability_id": "VCID-3qud-akea-9ugs", "summary": "The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2497.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2497.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05174", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05174", "scoring_system": "epss", "scoring_elements": "0.90092", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076676", "reference_id": "1076676", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076676" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744719", "reference_id": "744719", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744719" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://security.gentoo.org/glsa/201607-04", "reference_id": "GLSA-201607-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1326", "reference_id": "RHSA-2014:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2987-1/", "reference_id": "USN-2987-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2987-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-2497" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qud-akea-9ugs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114197?format=api", "vulnerability_id": "VCID-4tr4-kyyh-qfbd", "summary": "php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3515.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.48662", "scoring_system": "epss", "scoring_elements": "0.97808", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.48662", "scoring_system": "epss", "scoring_elements": "0.97812", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1112154", "reference_id": "1112154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1112154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3515" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4tr4-kyyh-qfbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76118?format=api", "vulnerability_id": "VCID-529n-wwq1-3uh5", "summary": "gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5120.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08774", "scoring_system": "epss", "scoring_elements": "0.92662", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08774", "scoring_system": "epss", "scoring_elements": "0.92674", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5120" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132793", "reference_id": "1132793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132793" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" } ], "fixed_packages": [], "aliases": [ "CVE-2014-5120" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-529n-wwq1-3uh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67900?format=api", "vulnerability_id": "VCID-5f4s-ce83-pkcw", "summary": "The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08075", "scoring_system": "epss", "scoring_elements": "0.92289", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08075", "scoring_system": "epss", "scoring_elements": "0.92303", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155071", "reference_id": "1155071", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155071" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806", "reference_id": "768806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806" }, { "reference_url": "https://security.gentoo.org/glsa/201503-03", "reference_id": "GLSA-201503-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-03" }, { "reference_url": "https://security.gentoo.org/glsa/201701-42", "reference_id": "GLSA-201701-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1767", "reference_id": "RHSA-2014:1767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1768", "reference_id": "RHSA-2014:1768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2391-1/", "reference_id": "USN-2391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2391-1/" }, { "reference_url": "https://usn.ubuntu.com/2494-1/", "reference_id": "USN-2494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2494-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3710" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5f4s-ce83-pkcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67896?format=api", "vulnerability_id": "VCID-84y5-7hge-vbhn", "summary": "The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03336", "scoring_system": "epss", "scoring_elements": "0.8754", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03336", "scoring_system": "epss", "scoring_elements": "0.87519", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "001553.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104858", "reference_id": "1104858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104858" }, { "reference_url": "https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382", "reference_id": "40bade80cbe2af1d0b2cd0420cebd5d5905a2382", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "59794", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "59831", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "http://www.securityfocus.com/bid/68238", "reference_id": "68238", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.securityfocus.com/bid/68238" }, { "reference_url": "https://bugs.php.net/bug.php?id=67412", "reference_id": "bug.php?id=67412", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "https://bugs.php.net/bug.php?id=67412" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "ChangeLog-5.php", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "dsa-2974", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "dsa-3021", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "HT204659", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "HT6443", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "msg00046.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "RHSA-2014-1765.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "RHSA-2014-1766.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3480" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84y5-7hge-vbhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67895?format=api", "vulnerability_id": "VCID-avrk-szvf-13av", "summary": "The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05923", "scoring_system": "epss", "scoring_elements": "0.90782", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05923", "scoring_system": "epss", "scoring_elements": "0.90796", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104869", "reference_id": "1104869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3479" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avrk-szvf-13av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114222?format=api", "vulnerability_id": "VCID-ed1v-hdew-4qfj", "summary": "php: heap-based buffer overflow in DNS TXT record parsing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4049.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30666", "scoring_system": "epss", "scoring_elements": "0.96812", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.30666", "scoring_system": "epss", "scoring_elements": "0.96817", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108447", "reference_id": "1108447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108447" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2254-1/", "reference_id": "USN-2254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2254-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-4049" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ed1v-hdew-4qfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114059?format=api", "vulnerability_id": "VCID-g7hu-58fp-wkh2", "summary": "php: integer overflow in unserialize()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3669.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3669.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.98138", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.9814", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154500", "reference_id": "1154500", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154500" }, { "reference_url": "https://security.gentoo.org/glsa/201411-04", "reference_id": "GLSA-201411-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1767", "reference_id": "RHSA-2014:1767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1768", "reference_id": "RHSA-2014:1768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1824", "reference_id": "RHSA-2014:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0021", "reference_id": "RHSA-2015:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0021" }, { "reference_url": "https://usn.ubuntu.com/2391-1/", "reference_id": "USN-2391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2391-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3669" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g7hu-58fp-wkh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67897?format=api", "vulnerability_id": "VCID-k6m7-rzf9-a3hy", "summary": "The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14502", "scoring_system": "epss", "scoring_elements": "0.94576", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14502", "scoring_system": "epss", "scoring_elements": "0.94584", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107544", "reference_id": "1107544", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3487" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6m7-rzf9-a3hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67890?format=api", "vulnerability_id": "VCID-mwnw-synf-fbc1", "summary": "The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2611", "scoring_system": "epss", "scoring_elements": "0.96387", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.2611", "scoring_system": "epss", "scoring_elements": "0.96392", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098193", "reference_id": "1098193", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098193" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2254-1/", "reference_id": "USN-2254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2254-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0237" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mwnw-synf-fbc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114119?format=api", "vulnerability_id": "VCID-nfed-ph6f-73dp", "summary": "php: multiple buffer over-reads in php_parserr", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3597.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06957", "scoring_system": "epss", "scoring_elements": "0.91589", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06957", "scoring_system": "epss", "scoring_elements": "0.91601", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132589", "reference_id": "1132589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132589" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1326", "reference_id": "RHSA-2014:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2344-1/", "reference_id": "USN-2344-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2344-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3597" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfed-ph6f-73dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114211?format=api", "vulnerability_id": "VCID-pcbe-qz2w-ckcw", "summary": "php: ArrayIterator use-after-free due to object change during sorting", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4698.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00491", "scoring_system": "epss", "scoring_elements": "0.65949", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00491", "scoring_system": "epss", "scoring_elements": "0.66001", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4698" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120259", "reference_id": "1120259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1326", "reference_id": "RHSA-2014:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-4698" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcbe-qz2w-ckcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67899?format=api", "vulnerability_id": "VCID-qqgd-zrvc-2uaf", "summary": "Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30214", "scoring_system": "epss", "scoring_elements": "0.96769", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.30214", "scoring_system": "epss", "scoring_elements": "0.96774", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128587", "reference_id": "1128587", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1326", "reference_id": "RHSA-2014:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2344-1/", "reference_id": "USN-2344-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2344-1/" }, { "reference_url": "https://usn.ubuntu.com/2369-1/", "reference_id": "USN-2369-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2369-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3587" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqgd-zrvc-2uaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114214?format=api", "vulnerability_id": "VCID-wmyz-1bey-bfde", "summary": "php: type confusion issue in phpinfo() leading to information leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4721.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09887", "scoring_system": "epss", "scoring_elements": "0.9314", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09887", "scoring_system": "epss", "scoring_elements": "0.93151", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116662", "reference_id": "1116662", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-4721" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyz-1bey-bfde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67891?format=api", "vulnerability_id": "VCID-xvxf-js9u-yyff", "summary": "The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24474", "scoring_system": "epss", "scoring_elements": "0.96216", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.24474", "scoring_system": "epss", "scoring_elements": "0.96221", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098155", "reference_id": "1098155", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098155" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2254-1/", "reference_id": "USN-2254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2254-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0238" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvxf-js9u-yyff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114027?format=api", "vulnerability_id": "VCID-z3zy-kryc-6bgu", "summary": "php: xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3668.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3668.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74745", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74775", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154503", "reference_id": "1154503", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154503" }, { "reference_url": "https://security.gentoo.org/glsa/201411-04", "reference_id": "GLSA-201411-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1767", "reference_id": "RHSA-2014:1767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1768", "reference_id": "RHSA-2014:1768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1768" }, { "reference_url": "https://usn.ubuntu.com/2391-1/", "reference_id": "USN-2391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2391-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3668" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3zy-kryc-6bgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67888?format=api", "vulnerability_id": "VCID-zqdy-kvwk-3ubd", "summary": "The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09377", "scoring_system": "epss", "scoring_elements": "0.92932", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09377", "scoring_system": "epss", "scoring_elements": "0.92943", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "001553.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091842", "reference_id": "1091842", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091842" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "59794", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "59831", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "http://www.securityfocus.com/bid/68243", "reference_id": "68243", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.securityfocus.com/bid/68243" }, { "reference_url": "https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391", "reference_id": "6d209c1c489457397a5763bca4b28e43aac90391", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391" }, { "reference_url": "https://bugs.php.net/bug.php?id=67326", "reference_id": "bug.php?id=67326", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://bugs.php.net/bug.php?id=67326" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "ChangeLog-5.php", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "dsa-2974", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "dsa-3021", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "HT204659", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "HT6443", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "msg00046.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "RHSA-2014-1765.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "RHSA-2014-1766.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0207" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqdy-kvwk-3ubd" } ], "fixing_vulnerabilities": [], "risk_score": "0.2", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php55-php@5.5.6-13%3Farch=el6" }