{"url":"http://public2.vulnerablecode.io/api/packages/388521?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.5.0%2B2","type":"composer","namespace":"phpmyadmin","name":"phpmyadmin","version":"4.5.0+2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.5+1","latest_non_vulnerable_version":"5.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182749?format=json","vulnerability_id":"VCID-2vgv-5qz9-cqg9","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2040","reference_id":"","reference_type":"","scores":[{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66118","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2040","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2040"},{"reference_url":"http://www.debian.org/security/2016/dsa-3627","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3627"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384845?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4abg-2uaq-93cm"},{"vulnerability":"VCID-8zcz-hfgw-1uh3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/386612?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-7k46-nxcx-zfdz"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-fkv9-r3fc-zyau"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-mdf6-k5zm-5uen"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-ucfd-2whz-j3ep"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"},{"vulnerability":"VCID-x7nv-bve2-97ah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0"}],"aliases":["CVE-2016-2040","GHSA-pw34-qf6c-84fc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vgv-5qz9-cqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204361?format=json","vulnerability_id":"VCID-4abg-2uaq-93cm","summary":"Cross-site scripting (XSS) vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2559","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50693","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2559","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2559"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-10","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2016-10"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-10/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2016-10/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386047?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.5.5%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.5%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/386612?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-7k46-nxcx-zfdz"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-fkv9-r3fc-zyau"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-mdf6-k5zm-5uen"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-ucfd-2whz-j3ep"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"},{"vulnerability":"VCID-x7nv-bve2-97ah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0"}],"aliases":["CVE-2016-2559","GHSA-7rf8-9r8f-qf59"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4abg-2uaq-93cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204362?format=json","vulnerability_id":"VCID-8zcz-hfgw-1uh3","summary":"The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2562","reference_id":"","reference_type":"","scores":[{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45983","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2562","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2562"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-13","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2016-13"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-13/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2016-13/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386047?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.5.5%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.5%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/386612?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-7k46-nxcx-zfdz"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-fkv9-r3fc-zyau"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-mdf6-k5zm-5uen"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-ucfd-2whz-j3ep"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"},{"vulnerability":"VCID-x7nv-bve2-97ah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0"}],"aliases":["CVE-2016-2562","GHSA-w8qg-j9fp-hrjf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zcz-hfgw-1uh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182750?format=json","vulnerability_id":"VCID-n8hd-vjza-mfdw","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2041","reference_id":"","reference_type":"","scores":[{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77735","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2041","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2041"},{"reference_url":"http://www.debian.org/security/2016/dsa-3627","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3627"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384845?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4abg-2uaq-93cm"},{"vulnerability":"VCID-8zcz-hfgw-1uh3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/386612?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-7k46-nxcx-zfdz"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-fkv9-r3fc-zyau"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-mdf6-k5zm-5uen"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-ucfd-2whz-j3ep"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"},{"vulnerability":"VCID-x7nv-bve2-97ah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0"}],"aliases":["CVE-2016-2041","GHSA-8m97-xc46-rw9w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8hd-vjza-mfdw"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.0%252B2"}