{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","type":"apk","namespace":"alpine","name":"php7","version":"7.1.29-r0","qualifiers":{"arch":"x86","distroversion":"v3.7","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.1.30-r0","latest_non_vulnerable_version":"7.1.33-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79686?format=json","vulnerability_id":"VCID-1ap1-zugk-gbas","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9639.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9639","reference_id":"","reference_type":"","scores":[{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.9442","published_at":"2026-04-01T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94526","published_at":"2026-05-16T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94513","published_at":"2026-05-12T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94527","published_at":"2026-05-14T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94531","published_at":"2026-05-15T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94427","published_at":"2026-04-02T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94438","published_at":"2026-04-04T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.9444","published_at":"2026-04-07T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.9445","published_at":"2026-04-08T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94453","published_at":"2026-04-09T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94456","published_at":"2026-04-11T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94458","published_at":"2026-04-13T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94472","published_at":"2026-04-16T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94476","published_at":"2026-04-18T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.9448","published_at":"2026-04-24T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94479","published_at":"2026-04-29T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94485","published_at":"2026-05-05T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94492","published_at":"2026-05-07T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94502","published_at":"2026-05-09T12:55:00Z"},{"value":"0.14536","scoring_system":"epss","scoring_elements":"0.94506","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9639"},{"reference_url":"https://bugs.php.net/bug.php?id=77659","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0007/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4403","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688934","reference_id":"1688934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688934"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9639","reference_id":"CVE-2019-9639","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3922-1/","reference_id":"USN-3922-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-1/"},{"reference_url":"https://usn.ubuntu.com/3922-2/","reference_id":"USN-3922-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-2/"},{"reference_url":"https://usn.ubuntu.com/3922-3/","reference_id":"USN-3922-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-9639"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ap1-zugk-gbas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79684?format=json","vulnerability_id":"VCID-2frx-71st-5qar","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9638.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9638.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9638","reference_id":"","reference_type":"","scores":[{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94722","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94829","published_at":"2026-05-16T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94812","published_at":"2026-05-12T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94824","published_at":"2026-05-14T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94827","published_at":"2026-05-15T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94731","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94736","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94745","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.9475","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94754","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94767","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94769","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94773","published_at":"2026-04-24T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94774","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94775","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94784","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94791","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94801","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15914","scoring_system":"epss","scoring_elements":"0.94807","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9638"},{"reference_url":"https://bugs.php.net/bug.php?id=77563","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0007/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4403","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688922","reference_id":"1688922","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688922"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9638","reference_id":"CVE-2019-9638","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3922-1/","reference_id":"USN-3922-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-1/"},{"reference_url":"https://usn.ubuntu.com/3922-2/","reference_id":"USN-3922-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-2/"},{"reference_url":"https://usn.ubuntu.com/3922-3/","reference_id":"USN-3922-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-9638"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2frx-71st-5qar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74006?format=json","vulnerability_id":"VCID-4gxr-wh6g-bbbe","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"http://php.net/ChangeLog-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://php.net/ChangeLog-5.php"},{"reference_url":"http://php.net/ChangeLog-7.php","reference_id":"","reference_type":"","scores":[],"url":"http://php.net/ChangeLog-7.php"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20783.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20783","reference_id":"","reference_type":"","scores":[{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89922","published_at":"2026-05-16T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89843","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89836","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89851","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.8985","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89864","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.8988","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89891","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89885","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89894","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89911","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.8992","published_at":"2026-05-15T12:55:00Z"},{"value":"0.05101","scoring_system":"epss","scoring_elements":"0.89829","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91115","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91122","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91124","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91079","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91096","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06535","scoring_system":"epss","scoring_elements":"0.91109","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20783"},{"reference_url":"https://bugs.php.net/bug.php?id=77143","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1680545","reference_id":"1680545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1680545"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20783","reference_id":"CVE-2018-20783","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3566-2/","reference_id":"USN-3566-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3566-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-20783"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gxr-wh6g-bbbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82999?format=json","vulnerability_id":"VCID-4qq9-cj2b-dkbh","summary":"php: Serializing or unserializing COM objects crashes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19396.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19396","reference_id":"","reference_type":"","scores":[{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.8324","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83257","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83271","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.8327","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83294","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83304","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83319","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83313","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83345","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83346","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.8337","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83377","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83379","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83403","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83424","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83443","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83445","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83461","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83496","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83507","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83508","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19396"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652716","reference_id":"1652716","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652716"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-19396"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qq9-cj2b-dkbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61527?format=json","vulnerability_id":"VCID-6xda-97rd-9bam","summary":"Multiple vulnerabilities have been found in GD, the worst of which\n    could result in the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html"},{"reference_url":"http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html"},{"reference_url":"http://php.net/ChangeLog-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://php.net/ChangeLog-5.php"},{"reference_url":"http://php.net/ChangeLog-7.php","reference_id":"","reference_type":"","scores":[],"url":"http://php.net/ChangeLog-7.php"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6977","reference_id":"","reference_type":"","scores":[{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99404","published_at":"2026-04-11T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99408","published_at":"2026-05-05T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99409","published_at":"2026-05-07T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.9941","published_at":"2026-04-26T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99411","published_at":"2026-05-11T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99414","published_at":"2026-05-12T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.994","published_at":"2026-04-04T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99402","published_at":"2026-04-08T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99403","published_at":"2026-04-09T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99405","published_at":"2026-04-13T12:55:00Z"},{"value":"0.87883","scoring_system":"epss","scoring_elements":"0.99487","published_at":"2026-05-16T12:55:00Z"},{"value":"0.87883","scoring_system":"epss","scoring_elements":"0.99485","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6977"},{"reference_url":"https://bugs.php.net/bug.php?id=77270","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190315-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190315-0003/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4384","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4384"},{"reference_url":"https://www.exploit-db.com/exploits/46677/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/46677/"},{"reference_url":"http://www.securityfocus.com/bid/106731","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106731"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672207","reference_id":"1672207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672207"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645","reference_id":"920645","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645"},{"reference_url":"https://security.archlinux.org/AVG-865","reference_id":"AVG-865","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-865"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php","reference_id":"CVE-2019-6977","reference_type":"exploit","scores":[],"url":"https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php","reference_id":"CVE-2019-6977","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6977","reference_id":"CVE-2019-6977","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6977"},{"reference_url":"https://security.gentoo.org/glsa/201903-18","reference_id":"GLSA-201903-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4659","reference_id":"RHSA-2020:4659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4659"},{"reference_url":"https://usn.ubuntu.com/3900-1/","reference_id":"USN-3900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3900-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-6977"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xda-97rd-9bam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74004?format=json","vulnerability_id":"VCID-7agg-jfnb-t7c9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14883.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14883","reference_id":"","reference_type":"","scores":[{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95483","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95502","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95509","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95517","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95518","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95526","published_at":"2026-04-16T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95532","published_at":"2026-04-18T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95534","published_at":"2026-04-21T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95535","published_at":"2026-04-24T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95536","published_at":"2026-04-26T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95537","published_at":"2026-04-29T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95551","published_at":"2026-05-05T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95554","published_at":"2026-05-07T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95561","published_at":"2026-05-09T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95567","published_at":"2026-05-11T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95571","published_at":"2026-05-12T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95583","published_at":"2026-05-14T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95585","published_at":"2026-05-15T12:55:00Z"},{"value":"0.20292","scoring_system":"epss","scoring_elements":"0.95589","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609637","reference_id":"1609637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609637"},{"reference_url":"https://usn.ubuntu.com/3766-1/","reference_id":"USN-3766-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3766-1/"},{"reference_url":"https://usn.ubuntu.com/3766-2/","reference_id":"USN-3766-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3766-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-14883"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7agg-jfnb-t7c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74003?format=json","vulnerability_id":"VCID-8dmb-887r-zqe8","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14851.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14851","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.6103","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61136","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.6115","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61186","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61153","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61194","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.612","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.6118","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61169","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61184","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61177","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61125","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61174","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61234","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61196","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61222","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61279","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61294","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61307","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609642","reference_id":"1609642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://usn.ubuntu.com/3766-1/","reference_id":"USN-3766-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3766-1/"},{"reference_url":"https://usn.ubuntu.com/3766-2/","reference_id":"USN-3766-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3766-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-14851"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8dmb-887r-zqe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79065?format=json","vulnerability_id":"VCID-8kme-kjne-xubq","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11035.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11035","reference_id":"","reference_type":"","scores":[{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86436","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.8665","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86594","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86605","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86639","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86649","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86466","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86465","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.8651","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86507","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86501","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86517","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86522","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86515","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86534","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86543","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86542","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86562","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86581","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02968","scoring_system":"epss","scoring_elements":"0.86598","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11035"},{"reference_url":"https://bugs.php.net/bug.php?id=77831","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/38","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Sep/38"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0001/"},{"reference_url":"https://support.f5.com/csp/article/K44590877","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K44590877"},{"reference_url":"https://www.debian.org/security/2019/dsa-4529","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702246","reference_id":"1702246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702246"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11035","reference_id":"CVE-2019-11035","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3953-1/","reference_id":"USN-3953-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3953-1/"},{"reference_url":"https://usn.ubuntu.com/3953-2/","reference_id":"USN-3953-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3953-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-11035"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kme-kjne-xubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43011?format=json","vulnerability_id":"VCID-dcbh-qs9z-ubaw","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could result in the execution of arbitrary shell commands.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19518.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19518","reference_id":"","reference_type":"","scores":[{"value":"0.93869","scoring_system":"epss","scoring_elements":"0.99874","published_at":"2026-05-16T12:55:00Z"},{"value":"0.93869","scoring_system":"epss","scoring_elements":"0.9987","published_at":"2026-04-24T12:55:00Z"},{"value":"0.93869","scoring_system":"epss","scoring_elements":"0.99871","published_at":"2026-04-29T12:55:00Z"},{"value":"0.93869","scoring_system":"epss","scoring_elements":"0.99872","published_at":"2026-05-07T12:55:00Z"},{"value":"0.93869","scoring_system":"epss","scoring_elements":"0.99873","published_at":"2026-05-11T12:55:00Z"},{"value":"0.93956","scoring_system":"epss","scoring_elements":"0.99883","published_at":"2026-04-04T12:55:00Z"},{"value":"0.93956","scoring_system":"epss","scoring_elements":"0.99884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.93956","scoring_system":"epss","scoring_elements":"0.99882","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1654228","reference_id":"1654228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1654228"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914632","reference_id":"914632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914632"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45914.rb","reference_id":"CVE-2018-19518","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45914.rb"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/b3ad4a03581f53c670d91e82d2a4ef00ec392f8f/modules/exploits/linux/http/php_imap_open_rce.rb","reference_id":"CVE-2018-19518","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/b3ad4a03581f53c670d91e82d2a4ef00ec392f8f/modules/exploits/linux/http/php_imap_open_rce.rb"},{"reference_url":"https://security.gentoo.org/glsa/202003-57","reference_id":"GLSA-202003-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-57"},{"reference_url":"https://usn.ubuntu.com/4160-1/","reference_id":"USN-4160-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4160-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-19518"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dcbh-qs9z-ubaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81339?format=json","vulnerability_id":"VCID-g1b8-dkd3-j3a2","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10166.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10166","reference_id":"","reference_type":"","scores":[{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.9225","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92257","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92263","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92266","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92277","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92281","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92285","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92297","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92302","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92303","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92299","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92309","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92319","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92328","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.9233","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92337","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92356","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92364","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08333","scoring_system":"epss","scoring_elements":"0.92357","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1418983","reference_id":"1418983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1418983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://usn.ubuntu.com/3213-1/","reference_id":"USN-3213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2016-10166"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1b8-dkd3-j3a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83837?format=json","vulnerability_id":"VCID-jugh-v1yu-cbcv","summary":"php: Mishandled http_header_value in an atoi() call in http_fopen_wrapper.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14884.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14884","reference_id":"","reference_type":"","scores":[{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67907","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.6793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67949","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67928","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67979","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68015","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68002","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67967","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68004","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68017","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68051","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68057","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68031","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68073","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68114","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68081","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68107","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68163","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68177","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.6819","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1612362","reference_id":"1612362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1612362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-14884"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jugh-v1yu-cbcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180670?format=json","vulnerability_id":"VCID-n2rw-3mh1-sufk","summary":"ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM(\"WScript.Shell\").","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19395","reference_id":"","reference_type":"","scores":[{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83483","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.8351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83511","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83535","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83544","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83559","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83553","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83583","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83584","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83585","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83617","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.8362","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83644","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83664","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83682","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83698","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83733","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83743","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83746","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-19395"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n2rw-3mh1-sufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79066?format=json","vulnerability_id":"VCID-pn3v-35ge-fqa6","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11036.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11036.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11036","reference_id":"","reference_type":"","scores":[{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82148","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82161","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82182","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82179","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82205","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82232","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82224","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82218","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82254","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82255","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82276","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82288","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82293","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82311","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82332","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82353","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.8235","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82367","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82407","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82413","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82416","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1707299","reference_id":"1707299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1707299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3566-2/","reference_id":"USN-3566-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3566-2/"},{"reference_url":"https://usn.ubuntu.com/4009-1/","reference_id":"USN-4009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4009-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-11036"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pn3v-35ge-fqa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57243?format=json","vulnerability_id":"VCID-ps5m-es4t-5fbm","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17082.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17082.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17082","reference_id":"","reference_type":"","scores":[{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89149","published_at":"2026-05-16T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89093","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89108","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89119","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89115","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89124","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89141","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04436","scoring_system":"epss","scoring_elements":"0.89152","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08005","scoring_system":"epss","scoring_elements":"0.92112","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92225","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92238","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92237","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92243","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92191","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92228","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92198","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92204","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92207","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92219","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08241","scoring_system":"epss","scoring_elements":"0.92222","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1629552","reference_id":"1629552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1629552"},{"reference_url":"https://security.gentoo.org/glsa/201812-01","reference_id":"GLSA-201812-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201812-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-17082"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ps5m-es4t-5fbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79688?format=json","vulnerability_id":"VCID-psz8-fjxf-xuge","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9641.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9641.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9641","reference_id":"","reference_type":"","scores":[{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97893","published_at":"2026-04-01T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97946","published_at":"2026-05-16T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97937","published_at":"2026-05-12T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97942","published_at":"2026-05-14T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97944","published_at":"2026-05-15T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97899","published_at":"2026-04-02T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97901","published_at":"2026-04-04T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97908","published_at":"2026-04-08T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97911","published_at":"2026-04-09T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97914","published_at":"2026-04-11T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97917","published_at":"2026-04-13T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97925","published_at":"2026-04-18T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97922","published_at":"2026-04-24T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97929","published_at":"2026-04-29T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97933","published_at":"2026-05-05T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97931","published_at":"2026-05-07T12:55:00Z"},{"value":"0.52083","scoring_system":"epss","scoring_elements":"0.97934","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9641"},{"reference_url":"https://bugs.php.net/bug.php?id=77509","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0007/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4403","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688943","reference_id":"1688943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688943"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9641","reference_id":"CVE-2019-9641","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9641"},{"reference_url":"https://usn.ubuntu.com/3922-1/","reference_id":"USN-3922-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-1/"},{"reference_url":"https://usn.ubuntu.com/3922-2/","reference_id":"USN-3922-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-2/"},{"reference_url":"https://usn.ubuntu.com/3922-3/","reference_id":"USN-3922-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-9641"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-psz8-fjxf-xuge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79683?format=json","vulnerability_id":"VCID-rjc8-9tfv-sfdk","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9637.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9637.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9637","reference_id":"","reference_type":"","scores":[{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92962","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93074","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93053","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93076","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93081","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92971","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92975","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92974","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92982","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92987","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92992","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.9299","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.92991","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93001","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93004","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93011","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93017","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93012","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93032","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93043","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0987","scoring_system":"epss","scoring_elements":"0.93046","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9637"},{"reference_url":"https://bugs.php.net/bug.php?id=77630","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0007/"},{"reference_url":"https://support.f5.com/csp/article/K53825211","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K53825211"},{"reference_url":"https://www.debian.org/security/2019/dsa-4403","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4403"},{"reference_url":"https://www.tenable.com/security/tns-2019-07","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2019-07"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688897","reference_id":"1688897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688897"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9637","reference_id":"CVE-2019-9637","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9637"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3922-1/","reference_id":"USN-3922-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-1/"},{"reference_url":"https://usn.ubuntu.com/3922-2/","reference_id":"USN-3922-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-2/"},{"reference_url":"https://usn.ubuntu.com/3922-3/","reference_id":"USN-3922-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-9637"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjc8-9tfv-sfdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178444?format=json","vulnerability_id":"VCID-tk4q-pasf-uucd","summary":"An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15132","reference_id":"","reference_type":"","scores":[{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.8956","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89577","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89578","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89594","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89606","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89605","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89612","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89614","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.8961","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89624","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89628","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89638","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89656","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89668","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89665","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89674","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89692","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04902","scoring_system":"epss","scoring_elements":"0.89702","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15132"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-15132"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tk4q-pasf-uucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74005?format=json","vulnerability_id":"VCID-uebj-pchu-r3ed","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19935.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19935","reference_id":"","reference_type":"","scores":[{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.95966","published_at":"2026-04-01T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.95973","published_at":"2026-04-02T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.9598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.95984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.95993","published_at":"2026-04-08T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.95995","published_at":"2026-04-09T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.95999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96001","published_at":"2026-04-13T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96011","published_at":"2026-04-16T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96016","published_at":"2026-04-18T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96018","published_at":"2026-04-26T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96017","published_at":"2026-04-29T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96028","published_at":"2026-05-05T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96033","published_at":"2026-05-07T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96038","published_at":"2026-05-09T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96042","published_at":"2026-05-11T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96047","published_at":"2026-05-12T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96058","published_at":"2026-05-14T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.9606","published_at":"2026-05-15T12:55:00Z"},{"value":"0.23723","scoring_system":"epss","scoring_elements":"0.96062","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660525","reference_id":"1660525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660525"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-19935"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uebj-pchu-r3ed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79687?format=json","vulnerability_id":"VCID-vh94-jp2p-zygp","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9640.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9640.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9640","reference_id":"","reference_type":"","scores":[{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94888","published_at":"2026-05-16T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94872","published_at":"2026-05-12T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94883","published_at":"2026-05-14T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94886","published_at":"2026-05-15T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94796","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94797","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94807","published_at":"2026-04-08T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94815","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94818","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94819","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94826","published_at":"2026-04-16T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94829","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94832","published_at":"2026-04-21T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94834","published_at":"2026-04-24T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94835","published_at":"2026-04-26T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94836","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94852","published_at":"2026-05-07T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94862","published_at":"2026-05-09T12:55:00Z"},{"value":"0.16236","scoring_system":"epss","scoring_elements":"0.94867","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9640"},{"reference_url":"https://bugs.php.net/bug.php?id=77540","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0007/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4403","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688939","reference_id":"1688939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688939"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9640","reference_id":"CVE-2019-9640","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3922-1/","reference_id":"USN-3922-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-1/"},{"reference_url":"https://usn.ubuntu.com/3922-2/","reference_id":"USN-3922-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-2/"},{"reference_url":"https://usn.ubuntu.com/3922-3/","reference_id":"USN-3922-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3922-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-9640"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vh94-jp2p-zygp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79064?format=json","vulnerability_id":"VCID-vtnn-62dq-yuee","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11034.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11034","reference_id":"","reference_type":"","scores":[{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.8591","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86139","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86074","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86088","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86128","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86138","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85921","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85938","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85958","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85968","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85983","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85976","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85994","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.85999","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.8599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86009","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86019","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86037","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.8606","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02738","scoring_system":"epss","scoring_elements":"0.86078","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11034"},{"reference_url":"https://bugs.php.net/bug.php?id=77753","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/38","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Sep/38"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0001/"},{"reference_url":"https://support.f5.com/csp/article/K44590877","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K44590877"},{"reference_url":"https://www.debian.org/security/2019/dsa-4529","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702256","reference_id":"1702256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702256"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11034","reference_id":"CVE-2019-11034","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1624","reference_id":"RHSA-2020:1624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1624"},{"reference_url":"https://usn.ubuntu.com/3953-1/","reference_id":"USN-3953-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3953-1/"},{"reference_url":"https://usn.ubuntu.com/3953-2/","reference_id":"USN-3953-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3953-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2019-11034"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtnn-62dq-yuee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63798?format=json","vulnerability_id":"VCID-xh65-k3uv-77af","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5712.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5712","reference_id":"","reference_type":"","scores":[{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.9953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99532","published_at":"2026-04-04T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99533","published_at":"2026-04-07T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99534","published_at":"2026-04-09T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99535","published_at":"2026-04-12T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99538","published_at":"2026-04-16T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99539","published_at":"2026-04-21T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.9954","published_at":"2026-04-24T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99541","published_at":"2026-04-26T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99542","published_at":"2026-04-29T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99543","published_at":"2026-05-09T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99545","published_at":"2026-05-11T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99546","published_at":"2026-05-12T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99547","published_at":"2026-05-14T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99548","published_at":"2026-05-15T12:55:00Z"},{"value":"0.89192","scoring_system":"epss","scoring_elements":"0.99549","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535251","reference_id":"1535251","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1112","reference_id":"RHSA-2020:1112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1112"},{"reference_url":"https://usn.ubuntu.com/3566-1/","reference_id":"USN-3566-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3566-1/"},{"reference_url":"https://usn.ubuntu.com/3600-1/","reference_id":"USN-3600-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3600-1/"},{"reference_url":"https://usn.ubuntu.com/3600-2/","reference_id":"USN-3600-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3600-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/409863?format=json","purl":"pkg:apk/alpine/php7@7.1.29-r0?arch=x86&distroversion=v3.7&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}],"aliases":["CVE-2018-5712"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xh65-k3uv-77af"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86&distroversion=v3.7&reponame=community"}