{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","type":"alpm","namespace":"archlinux","name":"php","version":"7.0.13-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"7.1.1-0","latest_non_vulnerable_version":"8.1.7-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49947?format=json","vulnerability_id":"VCID-fkxn-xery-yfav","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could lead to arbitrary code execution or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9935.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9935","reference_id":"","reference_type":"","scores":[{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89041","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89034","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88951","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88967","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.8897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88993","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89005","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89001","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88999","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89013","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89011","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89007","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89023","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404731","reference_id":"1404731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404731"},{"reference_url":"https://security.archlinux.org/ASA-201701-28","reference_id":"ASA-201701-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-28"},{"reference_url":"https://security.archlinux.org/AVG-105","reference_id":"AVG-105","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-105"},{"reference_url":"https://security.gentoo.org/glsa/201702-29","reference_id":"GLSA-201702-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373106?format=json","purl":"pkg:alpm/archlinux/php@7.1.1-0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.1.1-0"}],"aliases":["CVE-2016-9935"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkxn-xery-yfav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84668?format=json","vulnerability_id":"VCID-v2xk-mv3d-pbbp","summary":"php: Use of uninitialized memory in unserialize()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5340.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5340.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5340","reference_id":"","reference_type":"","scores":[{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91511","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.9158","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91579","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91576","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91518","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91524","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91532","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91545","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91551","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91555","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91556","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91554","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91577","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91573","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0714","scoring_system":"epss","scoring_elements":"0.91572","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5340"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412631","reference_id":"1412631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412631"},{"reference_url":"https://security.archlinux.org/ASA-201701-28","reference_id":"ASA-201701-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-28"},{"reference_url":"https://security.archlinux.org/AVG-105","reference_id":"AVG-105","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373106?format=json","purl":"pkg:alpm/archlinux/php@7.1.1-0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.1.1-0"}],"aliases":["CVE-2017-5340"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v2xk-mv3d-pbbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84697?format=json","vulnerability_id":"VCID-zf7p-9t9z-43bb","summary":"php: Use After Free in unserialize()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9936.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9936.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9936","reference_id":"","reference_type":"","scores":[{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72011","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72129","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72142","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72018","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72015","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72054","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72089","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72072","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72057","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72106","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72091","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72134","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9936"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404735","reference_id":"1404735","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404735"},{"reference_url":"https://security.archlinux.org/ASA-201701-28","reference_id":"ASA-201701-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-28"},{"reference_url":"https://security.archlinux.org/AVG-105","reference_id":"AVG-105","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373106?format=json","purl":"pkg:alpm/archlinux/php@7.1.1-0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.1.1-0"}],"aliases":["CVE-2016-9936"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zf7p-9t9z-43bb"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82261?format=json","vulnerability_id":"VCID-5k5j-2vux-a7hn","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7478.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7478","reference_id":"","reference_type":"","scores":[{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95262","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95331","published_at":"2026-05-05T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.9532","published_at":"2026-04-26T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95321","published_at":"2026-04-29T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95279","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95284","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95292","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95294","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95299","published_at":"2026-04-11T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.953","published_at":"2026-04-12T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95302","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95309","published_at":"2026-04-16T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95313","published_at":"2026-04-18T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95316","published_at":"2026-04-21T12:55:00Z"},{"value":"0.18863","scoring_system":"epss","scoring_elements":"0.95317","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412245","reference_id":"1412245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412245"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-7478"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5k5j-2vux-a7hn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82203?format=json","vulnerability_id":"VCID-75xx-y3xu-cqe2","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6911.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6911.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6911","reference_id":"","reference_type":"","scores":[{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70523","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70655","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70679","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70678","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70537","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70554","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70532","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70577","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70592","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70615","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70587","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70631","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.7064","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70618","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.7067","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388787","reference_id":"1388787","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388787"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840806","reference_id":"840806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840806"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"},{"reference_url":"https://usn.ubuntu.com/3117-1/","reference_id":"USN-3117-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3117-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-6911"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75xx-y3xu-cqe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82260?format=json","vulnerability_id":"VCID-aq8f-mndp-b3hf","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9934.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9934","reference_id":"","reference_type":"","scores":[{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93603","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93678","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93672","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.9367","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93612","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93621","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93623","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93632","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93634","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93639","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.9364","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93658","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93665","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93669","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11579","scoring_system":"epss","scoring_elements":"0.93674","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404726","reference_id":"1404726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404726"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-9934"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aq8f-mndp-b3hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82259?format=json","vulnerability_id":"VCID-fwyg-v128-k7c9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9933.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9933","reference_id":"","reference_type":"","scores":[{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93424","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93497","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.9349","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.9344","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93457","published_at":"2026-04-11T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93458","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93478","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11102","scoring_system":"epss","scoring_elements":"0.93484","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404723","reference_id":"1404723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404723"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849038","reference_id":"849038","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849038"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3213-1/","reference_id":"USN-3213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-9933"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwyg-v128-k7c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62348?format=json","vulnerability_id":"VCID-pnee-e13t-57a2","summary":"Multiple vulnerabilities have been found in GD, the worst of which\n    allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7568.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7568.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7568","reference_id":"","reference_type":"","scores":[{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87398","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87502","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87483","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87489","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87422","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87423","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87442","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87449","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.8746","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87452","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87466","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87469","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03421","scoring_system":"epss","scoring_elements":"0.87467","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1380450","reference_id":"1380450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1380450"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839659","reference_id":"839659","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839659"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"},{"reference_url":"https://security.gentoo.org/glsa/201612-09","reference_id":"GLSA-201612-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-09"},{"reference_url":"https://usn.ubuntu.com/3117-1/","reference_id":"USN-3117-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3117-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-7568"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pnee-e13t-57a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82258?format=json","vulnerability_id":"VCID-vmdm-2ey2-t3gt","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9138.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9138","reference_id":"","reference_type":"","scores":[{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88814","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88911","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88895","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88902","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88822","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88838","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88858","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88875","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.8887","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88883","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88881","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04295","scoring_system":"epss","scoring_elements":"0.88878","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1391012","reference_id":"1391012","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1391012"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-9138"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vmdm-2ey2-t3gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82204?format=json","vulnerability_id":"VCID-vya2-pzx7-m7c1","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8670.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8670.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8670","reference_id":"","reference_type":"","scores":[{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.8199","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82147","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82127","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.8213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82002","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82024","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.8202","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82047","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82054","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82064","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82091","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82093","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82115","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1391068","reference_id":"1391068","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1391068"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840805","reference_id":"840805","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840805"},{"reference_url":"https://security.archlinux.org/ASA-201611-19","reference_id":"ASA-201611-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-19"},{"reference_url":"https://security.archlinux.org/AVG-58","reference_id":"AVG-58","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-58"},{"reference_url":"https://usn.ubuntu.com/3117-1/","reference_id":"USN-3117-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3117-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373105?format=json","purl":"pkg:alpm/archlinux/php@7.0.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fkxn-xery-yfav"},{"vulnerability":"VCID-v2xk-mv3d-pbbp"},{"vulnerability":"VCID-zf7p-9t9z-43bb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}],"aliases":["CVE-2016-8670"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vya2-pzx7-m7c1"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/php@7.0.13-1"}