Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/582963?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "type": "deb", "namespace": "debian", "name": "file", "version": "1:5.46-5", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56038?format=api", "vulnerability_id": "VCID-1wcd-dm5g-j7g7", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.90865", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.9087", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.9088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.90891", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.90903", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.90909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.90918", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06258", "scoring_system": "epss", "scoring_elements": "0.90916", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3480" }, { "reference_url": "https://bugs.php.net/bug.php?id=67412", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "https://bugs.php.net/bug.php?id=67412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.securityfocus.com/bid/68238", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/" } ], "url": "http://www.securityfocus.com/bid/68238" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104858", "reference_id": "1104858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104858" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3480", "reference_id": "CVE-2014-3480", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3480" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1wcd-dm5g-j7g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56027?format=api", "vulnerability_id": "VCID-241u-c539-sudk", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.97198", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.97205", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.9721", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.97211", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.9722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.97221", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.97225", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38243", "scoring_system": "epss", "scoring_elements": "0.97226", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098193", "reference_id": "1098193", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098193" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2254-1/", "reference_id": "USN-2254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2254-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0237" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-241u-c539-sudk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55969?format=api", "vulnerability_id": "VCID-2td7-hxf4-7kab", "summary": "several", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.9634", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96347", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96352", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96356", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96367", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96371", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.27067", "scoring_system": "epss", "scoring_elements": "0.96374", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072220", "reference_id": "1072220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072220" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://security.gentoo.org/glsa/201503-08", "reference_id": "GLSA-201503-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://usn.ubuntu.com/2162-1/", "reference_id": "USN-2162-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2162-1/" }, { "reference_url": "https://usn.ubuntu.com/2163-1/", "reference_id": "USN-2163-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2163-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586794?format=api", "purl": "pkg:deb/debian/file@1:5.17-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-2270" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2td7-hxf4-7kab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56449?format=api", "vulnerability_id": "VCID-479u-yvtq-4qde", "summary": "A stack-based buffer overflow was found in file, possibly resulting\n in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000249.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000249.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000249", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33687", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33923", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33946", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34061", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33958", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3399", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000249" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249" }, { "reference_url": "https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793" }, { "reference_url": "https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3965", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3965" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488053", "reference_id": "1488053", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488053" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000249", "reference_id": "CVE-2017-1000249", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000249" }, { "reference_url": "https://security.gentoo.org/glsa/201710-02", "reference_id": "GLSA-201710-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-02" }, { "reference_url": "https://usn.ubuntu.com/3412-1/", "reference_id": "USN-3412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3412-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585460?format=api", "purl": "pkg:deb/debian/file@1:5.32-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.32-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000249" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-479u-yvtq-4qde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47794?format=api", "vulnerability_id": "VCID-53je-bpjt-z7gc", "summary": "Multiple vulnerabilities have been found in file, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91307", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.91341", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06827", "scoring_system": "epss", "scoring_elements": "0.9134", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9653" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190116", "reference_id": "1190116", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190116" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585", "reference_id": "777585", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585" }, { "reference_url": "https://security.gentoo.org/glsa/201701-42", "reference_id": "GLSA-201701-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/3686-1/", "reference_id": "USN-3686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586401?format=api", "purl": "pkg:deb/debian/file@1:5.22%2B15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.22%252B15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9653" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53je-bpjt-z7gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86231?format=api", "vulnerability_id": "VCID-6qge-zq5j-gkes", "summary": "file: root_storage NULL pointer deference flaw in CDF parser", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f" }, { "reference_url": "http://php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://php.net/ChangeLog-5.php" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0236.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0236.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68946", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.6888", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68919", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68898", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.68968", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.6899", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0236" }, { "reference_url": "https://bugs.php.net/bug.php?id=67329", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=67329" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0236", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0236" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098209", "reference_id": "1098209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098209" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0236", "reference_id": "CVE-2014-0236", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0236" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0236" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qge-zq5j-gkes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56037?format=api", "vulnerability_id": "VCID-72u3-dvr8-4yh2", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93168", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93177", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93182", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.9318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93189", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93193", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10357", "scoring_system": "epss", "scoring_elements": "0.93196", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3479" }, { "reference_url": "https://bugs.php.net/bug.php?id=67411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=67411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.securityfocus.com/bid/68241", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68241" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104869", "reference_id": "1104869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104869" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3479", "reference_id": "CVE-2014-3479", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3479" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72u3-dvr8-4yh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56028?format=api", "vulnerability_id": "VCID-81ub-45sb-3kg3", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96254", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96261", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96273", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96283", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96286", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.9629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.26161", "scoring_system": "epss", "scoring_elements": "0.96293", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098155", "reference_id": "1098155", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098155" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2254-1/", "reference_id": "USN-2254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2254-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0238" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81ub-45sb-3kg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56941?format=api", "vulnerability_id": "VCID-8hc8-whcd-x7ed", "summary": "Vulnerabilities in file could allow a context-dependent attack to\n create a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9620.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06505", "scoring_system": "epss", "scoring_elements": "0.91055", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06505", "scoring_system": "epss", "scoring_elements": "0.9106", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06505", "scoring_system": "epss", "scoring_elements": "0.9107", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06505", "scoring_system": "epss", "scoring_elements": "0.91078", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06505", "scoring_system": "epss", "scoring_elements": "0.91091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06505", "scoring_system": "epss", "scoring_elements": "0.91097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0829", "scoring_system": "epss", "scoring_elements": "0.92253", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0829", "scoring_system": "epss", "scoring_elements": "0.92254", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0829", "scoring_system": "epss", "scoring_elements": "0.92251", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180639", "reference_id": "1180639", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180639" }, { "reference_url": "https://security.gentoo.org/glsa/201503-08", "reference_id": "GLSA-201503-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/3686-1/", "reference_id": "USN-3686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584525?format=api", "purl": "pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9620" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hc8-whcd-x7ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56839?format=api", "vulnerability_id": "VCID-at7n-u124-efd5", "summary": "A vulnerability in file could result in Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1571", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62559", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62525", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62576", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62591", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62609", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62598", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62575", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571" }, { "reference_url": "http://mx.gw.com/pipermail/file/2012/000914.html", "reference_id": "000914.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/" } ], "url": "http://mx.gw.com/pipermail/file/2012/000914.html" }, { "reference_url": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295", "reference_id": "1859fdb4e67c49c463c4e0078054335cd46ba295", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/" } ], "url": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295" }, { "reference_url": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b", "reference_id": "1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/" } ], "url": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263", "reference_id": "664263", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=805197", "reference_id": "805197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=805197" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:035", "reference_id": "advisories?name=MDVSA-2012:035", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:035" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2422", "reference_id": "dsa-2422", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/" } ], "url": "http://www.debian.org/security/2012/dsa-2422" }, { "reference_url": "https://security.gentoo.org/glsa/201209-14", "reference_id": "GLSA-201209-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://usn.ubuntu.com/2123-1/", "reference_id": "USN-2123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2123-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2123-1", "reference_id": "USN-2123-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2123-1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586677?format=api", "purl": "pkg:deb/debian/file@5.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-1571" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-at7n-u124-efd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91157?format=api", "vulnerability_id": "VCID-bf4p-nqd4-vkd6", "summary": "Unknown vulnerability in the \"Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to \"a memory allocation problem,\" has unknown impact.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.9557", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95584", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95586", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95595", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.956", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95601", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20795", "scoring_system": "epss", "scoring_elements": "0.95603", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1092" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22326.c", "reference_id": "CVE-2003-1092;OSVDB-14743", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22326.c" }, { "reference_url": "http://www.idefense.com/advisory/03.04.03.txt", "reference_id": "CVE-2003-1092;OSVDB-14743", "reference_type": "exploit", "scores": [], "url": "http://www.idefense.com/advisory/03.04.03.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585542?format=api", "purl": "pkg:deb/debian/file@3.4.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@3.4.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-1092" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bf4p-nqd4-vkd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58061?format=api", "vulnerability_id": "VCID-br5w-skmp-6bbv", "summary": "security update", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2015-0040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2015-0040.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94751", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94715", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94723", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94727", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94728", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94738", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94742", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.94746", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15876", "scoring_system": "epss", "scoring_elements": "0.9475", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652" }, { "reference_url": "http://seclists.org/oss-sec/2014/q4/1056", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q4/1056" }, { "reference_url": "http://secunia.com/advisories/61944", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61944" }, { "reference_url": "http://secunia.com/advisories/62081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62081" }, { "reference_url": "https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog" }, { "reference_url": "https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8" }, { "reference_url": "https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6" }, { "reference_url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/71700", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71700" }, { "reference_url": "http://www.securitytracker.com/id/1031344", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031344" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2494-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2494-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171580", "reference_id": "1171580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171580" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148", "reference_id": "773148", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8116", "reference_id": "CVE-2014-8116", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2494-1/", "reference_id": "USN-2494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2494-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584525?format=api", "purl": "pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8116" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-br5w-skmp-6bbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56041?format=api", "vulnerability_id": "VCID-c459-97cu-5ffc", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://php.net/ChangeLog-5.php" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1326.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1326.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.95347", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.95345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.95308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.95318", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.95324", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.9533", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.95336", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19121", "scoring_system": "epss", "scoring_elements": "0.9534", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3587" }, { "reference_url": "https://bugs.php.net/bug.php?id=67716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=67716" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670" }, { "reference_url": "http://secunia.com/advisories/60609", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60609" }, { "reference_url": "http://secunia.com/advisories/60696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60696" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/file/file/commit/0641e56be1af003aa02c7c6b0184466540637233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/0641e56be1af003aa02c7c6b0184466540637233" }, { "reference_url": "https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2014-3587" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3008", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3008" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/69325", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69325" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2344-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2344-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2369-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2369-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128587", "reference_id": "1128587", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128587" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:32-bit:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.0:beta2:32-bit:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:32-bit:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3587", "reference_id": "CVE-2014-3587", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1326", "reference_id": "RHSA-2014:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2344-1/", "reference_id": "USN-2344-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2344-1/" }, { "reference_url": "https://usn.ubuntu.com/2369-1/", "reference_id": "USN-2369-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2369-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583993?format=api", "purl": "pkg:deb/debian/file@1:5.19-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3587" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c459-97cu-5ffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60262?format=api", "vulnerability_id": "VCID-dn25-adac-e3cr", "summary": "A vulnerability has been discovered in file, which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48554.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48554.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06099", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06141", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06179", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0617", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06166", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06158", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48554" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235714", "reference_id": "2235714", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235714" }, { "reference_url": "https://security.gentoo.org/glsa/202409-06", "reference_id": "GLSA-202409-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2512", "reference_id": "RHSA-2024:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2512" }, { "reference_url": "https://usn.ubuntu.com/6359-1/", "reference_id": "USN-6359-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6359-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/586700?format=api", "purl": "pkg:deb/debian/file@1:5.44-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-48554" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dn25-adac-e3cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82775?format=api", "vulnerability_id": "VCID-dnwd-kqz6-p3ek", "summary": "file: stack-based buffer over-read in do_core_note in readelf.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26608", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26551", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.266", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26606", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2656", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26654", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26697", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26483", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8905" }, { "reference_url": "https://bugs.astron.com/view.php?id=63", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.astron.com/view.php?id=63" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html" }, { "reference_url": "http://www.securityfocus.com/bid/107137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107137" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679181", "reference_id": "1679181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679181" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968", "reference_id": "922968", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968" }, { "reference_url": "https://security.archlinux.org/ASA-201903-5", "reference_id": "ASA-201903-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201903-5" }, { "reference_url": "https://security.archlinux.org/AVG-907", "reference_id": "AVG-907", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-907" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8905", "reference_id": "CVE-2019-8905", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8905" }, { "reference_url": "https://usn.ubuntu.com/3911-1/", "reference_id": "USN-3911-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3911-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582960?format=api", "purl": "pkg:deb/debian/file@1:5.35-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-8905" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnwd-kqz6-p3ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88157?format=api", "vulnerability_id": "VCID-efgf-z631-6fc3", "summary": "file: multiple memory corruption issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0948.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61561", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61665", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61699", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61721", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61709", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61689", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=498682", "reference_id": "498682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=498682" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585447?format=api", "purl": "pkg:deb/debian/file@5.02-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0948" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efgf-z631-6fc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49140?format=api", "vulnerability_id": "VCID-eft3-z1ht-q3dm", "summary": "A vulnerability has been discovered in file allowing for a denial of\n service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2026.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86512", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86448", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86459", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86496", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02975", "scoring_system": "epss", "scoring_elements": "0.86518", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2026" }, { "reference_url": "https://bugs.gentoo.org/show_bug.cgi?id=174217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.gentoo.org/show_bug.cgi?id=174217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2026" }, { "reference_url": "http://secunia.com/advisories/24918", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24918" }, { "reference_url": "http://secunia.com/advisories/25394", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25394" }, { "reference_url": "http://secunia.com/advisories/25544", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25544" }, { "reference_url": "http://secunia.com/advisories/25578", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25578" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1311" }, { "reference_url": "http://sourceforge.net/mailarchive/forum.php?thread_name=755AF709E5B77E6EA58479D5%40foxx.lsit.ucsb.edu&forum_name=amavis-user", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=755AF709E5B77E6EA58479D5%40foxx.lsit.ucsb.edu&forum_name=amavis-user" }, { "reference_url": "http://www.amavis.org/security/asa-2007-3.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.amavis.org/security/asa-2007-3.txt" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200704-13.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200704-13.xml" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114" }, { "reference_url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/24146", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24146" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2071", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2071" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:amavis:virus_scanner:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:amavis:virus_scanner:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:amavis:virus_scanner:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gentoo:file:4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gentoo:file:4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gentoo:file:4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2026", "reference_id": "CVE-2007-2026", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2026" }, { "reference_url": "https://security.gentoo.org/glsa/200704-13", "reference_id": "GLSA-200704-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200704-13" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586054?format=api", "purl": "pkg:deb/debian/file@4.20-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.20-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-2026" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eft3-z1ht-q3dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32132?format=api", "vulnerability_id": "VCID-ev7d-6s86-sfds", "summary": "An integer underflow vulnerability has been reported in The Sleuth Kit\n allowing for the user-assisted execution of arbitrary code.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=305530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://docs.info.apple.com/article.html?artnum=305530" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" }, { "reference_url": "http://mx.gw.com/pipermail/file/2007/000161.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mx.gw.com/pipermail/file/2007/000161.html" }, { "reference_url": "http://openbsd.org/errata40.html#015_file", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openbsd.org/errata40.html#015_file" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1536.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97428", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97402", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97409", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97413", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97424", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41927", "scoring_system": "epss", "scoring_elements": "0.97426", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1536" }, { "reference_url": "https://bugs.gentoo.org/show_bug.cgi?id=171452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.gentoo.org/show_bug.cgi?id=171452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536" }, { "reference_url": "http://secunia.com/advisories/24548", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24548" }, { "reference_url": "http://secunia.com/advisories/24592", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24592" }, { "reference_url": "http://secunia.com/advisories/24604", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24604" }, { "reference_url": "http://secunia.com/advisories/24608", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24608" }, { "reference_url": "http://secunia.com/advisories/24616", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24616" }, { "reference_url": "http://secunia.com/advisories/24617", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24617" }, { "reference_url": "http://secunia.com/advisories/24723", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24723" }, { "reference_url": "http://secunia.com/advisories/24754", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24754" }, { "reference_url": "http://secunia.com/advisories/25133", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25133" }, { "reference_url": "http://secunia.com/advisories/25393", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25393" }, { "reference_url": "http://secunia.com/advisories/25402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25402" }, { "reference_url": "http://secunia.com/advisories/25931", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25931" }, { "reference_url": "http://secunia.com/advisories/25989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25989" }, { "reference_url": "http://secunia.com/advisories/27307", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27307" }, { "reference_url": "http://secunia.com/advisories/27314", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27314" }, { "reference_url": "http://secunia.com/advisories/29179", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/29179" }, { "reference_url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200703-26.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200703-26.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200710-19.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200710-19.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36283" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1148" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-179.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-179.htm" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1274", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1274" }, { "reference_url": "http://www.kb.cert.org/vuls/id/606700", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/606700" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:067", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:067" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_40_file.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0124.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0124.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/477861/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/477861/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/477950/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/477950/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/23021", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23021" }, { "reference_url": "http://www.securitytracker.com/id?1017796", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1017796" }, { "reference_url": "http://www.ubuntu.com/usn/usn-439-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-439-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1040" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1939", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1939" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=233164", "reference_id": "233164", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=233164" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415362", "reference_id": "415362", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415362" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1536", "reference_id": "CVE-2007-1536", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1536" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29753.c", "reference_id": "CVE-2007-1536;OSVDB-34285", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29753.c" }, { "reference_url": "https://www.securityfocus.com/bid/23021/info", "reference_id": "CVE-2007-1536;OSVDB-34285", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/23021/info" }, { "reference_url": "https://security.gentoo.org/glsa/200703-26", "reference_id": "GLSA-200703-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200703-26" }, { "reference_url": "https://security.gentoo.org/glsa/200710-19", "reference_id": "GLSA-200710-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-19" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0124", "reference_id": "RHSA-2007:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0124" }, { "reference_url": "https://usn.ubuntu.com/439-1/", "reference_id": "USN-439-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/439-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585578?format=api", "purl": "pkg:deb/debian/file@4.20-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.20-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1536" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev7d-6s86-sfds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56035?format=api", "vulnerability_id": "VCID-fapv-3bja-r3hm", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0686", "scoring_system": "epss", "scoring_elements": "0.91317", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0686", "scoring_system": "epss", "scoring_elements": "0.91322", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11933", "scoring_system": "epss", "scoring_elements": "0.93753", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11933", "scoring_system": "epss", "scoring_elements": "0.93733", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11933", "scoring_system": "epss", "scoring_elements": "0.93736", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11933", "scoring_system": "epss", "scoring_elements": "0.93745", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11933", "scoring_system": "epss", "scoring_elements": "0.93747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11933", "scoring_system": "epss", "scoring_elements": "0.93752", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0207" }, { "reference_url": "https://bugs.php.net/bug.php?id=67326", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://bugs.php.net/bug.php?id=67326" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.securityfocus.com/bid/68243", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "http://www.securityfocus.com/bid/68243" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091842", "reference_id": "1091842", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091842" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0207", "reference_id": "CVE-2014-0207", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0207" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fapv-3bja-r3hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85708?format=api", "vulnerability_id": "VCID-fhc5-qj7s-vbeb", "summary": "php: denial of service when processing a crafted file with Fileinfo", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd" }, { "reference_url": "http://php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://php.net/ChangeLog-5.php" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4604.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4604.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4604", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92665", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92632", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92638", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92644", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92645", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92655", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.9266", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4604" }, { "reference_url": "https://bugs.php.net/bug.php?id=68819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=68819" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/75241", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/75241" }, { "reference_url": "http://www.securitytracker.com/id/1032709", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1032709" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213442", "reference_id": "1213442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213442" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4604", "reference_id": "CVE-2015-4604", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4604" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1066", "reference_id": "RHSA-2015:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1135", "reference_id": "RHSA-2015:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1186", "reference_id": "RHSA-2015:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1187", "reference_id": "RHSA-2015:1187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1187" }, { "reference_url": "https://usn.ubuntu.com/2658-1/", "reference_id": "USN-2658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2658-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584539?format=api", "purl": "pkg:deb/debian/file@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-4604" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc5-qj7s-vbeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44719?format=api", "vulnerability_id": "VCID-fupq-ukq7-r7ac", "summary": "A heap-based buffer overflow in file might allow remote attackers\n to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38676", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38771", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38812", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38823", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38835", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38798", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38814", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38762", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18218" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00032.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00032.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV6PFCEYHYALMTT45QE2U5C5TEJZQPXJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV6PFCEYHYALMTT45QE2U5C5TEJZQPXJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6BJVGXSCC6NMIAWX36FPWHEIFON3OSE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6BJVGXSCC6NMIAWX36FPWHEIFON3OSE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VBK6XOJR6OVWT2FUEBO7V7KCOSSLAP52/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VBK6XOJR6OVWT2FUEBO7V7KCOSSLAP52/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200115-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200115-0001/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765272", "reference_id": "1765272", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765272" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942830", "reference_id": "942830", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942830" }, { "reference_url": "https://security.archlinux.org/ASA-202001-2", "reference_id": "ASA-202001-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202001-2" }, { "reference_url": "https://security.archlinux.org/AVG-1083", "reference_id": "AVG-1083", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1083" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:*", "reference_id": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18218", "reference_id": "CVE-2019-18218", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18218" }, { "reference_url": "https://security.gentoo.org/glsa/202003-24", "reference_id": "GLSA-202003-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4374", "reference_id": "RHSA-2021:4374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4374" }, { "reference_url": "https://usn.ubuntu.com/4172-1/", "reference_id": "USN-4172-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4172-1/" }, { "reference_url": "https://usn.ubuntu.com/4172-2/", "reference_id": "USN-4172-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4172-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586245?format=api", "purl": "pkg:deb/debian/file@1:5.37-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.37-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-18218" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fupq-ukq7-r7ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38732?format=api", "vulnerability_id": "VCID-h7b6-23hp-8ycj", "summary": "Multiple vulnerabilities have been discovered in PHP, the worst of\n which could lead to remote execution of arbitrary code.", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d" }, { "reference_url": "http://linux.oracle.com/errata/ELSA-2014-1767.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://linux.oracle.com/errata/ELSA-2014-1767.html" }, { "reference_url": "http://linux.oracle.com/errata/ELSA-2014-1768.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://linux.oracle.com/errata/ELSA-2014-1768.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1767.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1767.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1768.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1768.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91732", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.9169", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91699", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91704", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91725", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91731", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91735", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0739", "scoring_system": "epss", "scoring_elements": "0.91736", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3710" }, { "reference_url": "https://bugs.php.net/bug.php?id=68283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=68283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710" }, { "reference_url": "http://secunia.com/advisories/60630", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60630" }, { "reference_url": "http://secunia.com/advisories/60699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60699" }, { "reference_url": "http://secunia.com/advisories/61763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61763" }, { "reference_url": "http://secunia.com/advisories/61970", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61970" }, { "reference_url": "http://secunia.com/advisories/61982", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61982" }, { "reference_url": "http://secunia.com/advisories/62347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62347" }, { "reference_url": "http://secunia.com/advisories/62559", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62559" }, { "reference_url": "https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3072" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/70807", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70807" }, { "reference_url": "http://www.securitytracker.com/id/1031344", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031344" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2391-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2391-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2494-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2494-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155071", "reference_id": "1155071", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155071" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806", "reference_id": "768806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3710", "reference_id": "CVE-2014-3710", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3710" }, { "reference_url": "https://security.gentoo.org/glsa/201503-03", "reference_id": "GLSA-201503-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-03" }, { "reference_url": "https://security.gentoo.org/glsa/201701-42", "reference_id": "GLSA-201701-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1767", "reference_id": "RHSA-2014:1767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1768", "reference_id": "RHSA-2014:1768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2391-1/", "reference_id": "USN-2391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2391-1/" }, { "reference_url": "https://usn.ubuntu.com/2494-1/", "reference_id": "USN-2494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2494-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585688?format=api", "purl": "pkg:deb/debian/file@1:5.20-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.20-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3710" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7b6-23hp-8ycj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41651?format=api", "vulnerability_id": "VCID-j2z8-tcs6-4be1", "summary": "A vulnerability in file could result in Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7345.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86903", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86946", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86954", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86967", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86962", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03176", "scoring_system": "epss", "scoring_elements": "0.86957", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079846", "reference_id": "1079846", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079846" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993", "reference_id": "703993", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993" }, { "reference_url": "https://security.gentoo.org/glsa/201408-08", "reference_id": "GLSA-201408-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-08" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584379?format=api", "purl": "pkg:deb/debian/file@1:5.17-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-7345" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2z8-tcs6-4be1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56040?format=api", "vulnerability_id": "VCID-kj2f-8vd4-quep", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/06/30/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/06/30/7" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.9564", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.95604", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.95613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.95618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.95621", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.9563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.95633", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21003", "scoring_system": "epss", "scoring_elements": "0.95638", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670" }, { "reference_url": "http://secunia.com/advisories/60696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60696" }, { "reference_url": "https://github.com/file/file/commit/4a284c89d6ef11aca34da65da7d673050a5ea320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/4a284c89d6ef11aca34da65da7d673050a5ea320" }, { "reference_url": "https://github.com/file/file/commit/69a5a43b3b71f53b0577f41264a073f495799610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/69a5a43b3b71f53b0577f41264a073f495799610" }, { "reference_url": "https://github.com/file/file/commit/71a8b6c0d758acb0f73e2e51421a711b5e9d6668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/71a8b6c0d758acb0f73e2e51421a711b5e9d6668" }, { "reference_url": "https://github.com/file/file/commit/74cafd7de9ec99a14f4480927580e501c8f852c3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/74cafd7de9ec99a14f4480927580e501c8f852c3" }, { "reference_url": "https://github.com/file/file/commit/758e066df72fb1ac08d2eea91ddc3973d259e991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/758e066df72fb1ac08d2eea91ddc3973d259e991" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3008", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3008" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/68348", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68348" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098222", "reference_id": "1098222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1098222" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3538", "reference_id": "CVE-2014-3538", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3538" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kj2f-8vd4-quep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91947?format=api", "vulnerability_id": "VCID-kn4s-hv81-q7da", "summary": "Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81712", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81746", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.8177", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01614", "scoring_system": "epss", "scoring_elements": "0.81777", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585355?format=api", "purl": "pkg:deb/debian/file@5.03-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.03-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2830" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kn4s-hv81-q7da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59585?format=api", "vulnerability_id": "VCID-mjct-kvsk-zkgj", "summary": "Multiple vulnerabilities have been discovered in PHP, the worst of\n which could lead to remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4636.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55576", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55437", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55548", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55551", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55603", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55593", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4636" }, { "reference_url": "https://bugs.php.net/bug.php?id=64830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=64830" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=977463", "reference_id": "977463", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=977463" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4636", "reference_id": "CVE-2013-4636", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4636" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584539?format=api", "purl": "pkg:deb/debian/file@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4636" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mjct-kvsk-zkgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85709?format=api", "vulnerability_id": "VCID-n1mh-p3k8-73gm", "summary": "php: denial of service when processing a crafted file with Fileinfo", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd" }, { "reference_url": "http://php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://php.net/ChangeLog-5.php" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4605.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4605.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92665", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92632", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92638", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92644", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92645", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.92655", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09106", "scoring_system": "epss", "scoring_elements": "0.9266", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4605" }, { "reference_url": "https://bugs.php.net/bug.php?id=68819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=68819" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/75233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/75233" }, { "reference_url": "http://www.securitytracker.com/id/1032709", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1032709" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213442", "reference_id": "1213442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213442" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4605", "reference_id": "CVE-2015-4605", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1066", "reference_id": "RHSA-2015:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1135", "reference_id": "RHSA-2015:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1186", "reference_id": "RHSA-2015:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1187", "reference_id": "RHSA-2015:1187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1187" }, { "reference_url": "https://usn.ubuntu.com/2658-1/", "reference_id": "USN-2658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2658-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584539?format=api", "purl": "pkg:deb/debian/file@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-4605" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1mh-p3k8-73gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47793?format=api", "vulnerability_id": "VCID-nfd8-hxvz-x3au", "summary": "Multiple vulnerabilities have been found in file, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9652", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90465", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90469", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90481", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90486", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90499", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90505", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90513", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90512", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05795", "scoring_system": "epss", "scoring_elements": "0.90506", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9652" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188599", "reference_id": "1188599", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188599" }, { "reference_url": "https://security.gentoo.org/glsa/201701-42", "reference_id": "GLSA-201701-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1053", "reference_id": "RHSA-2015:1053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1066", "reference_id": "RHSA-2015:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1135", "reference_id": "RHSA-2015:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2501-1/", "reference_id": "USN-2501-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2501-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584525?format=api", "purl": "pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9652" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfd8-hxvz-x3au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88178?format=api", "vulnerability_id": "VCID-nz42-ntca-nkgw", "summary": "file: heap-based buffer overflow in cdf_read_sat()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1515.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.8865", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.88659", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.88675", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.88676", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.88694", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.887", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.88712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04179", "scoring_system": "epss", "scoring_elements": "0.88705", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=497913", "reference_id": "497913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=497913" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585447?format=api", "purl": "pkg:deb/debian/file@5.02-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1515" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz42-ntca-nkgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82903?format=api", "vulnerability_id": "VCID-p13b-2a4m-sbfx", "summary": "file: do_core_note in readelf.c allows remote attackers to cause a denial of service", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74734", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74786", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.7481", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74789", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74737", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74738", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8907" }, { "reference_url": "https://bugs.astron.com/view.php?id=65", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.astron.com/view.php?id=65" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679138", "reference_id": "1679138", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679138" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968", "reference_id": "922968", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968" }, { "reference_url": "https://security.archlinux.org/ASA-201903-5", "reference_id": "ASA-201903-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201903-5" }, { "reference_url": "https://security.archlinux.org/AVG-907", "reference_id": "AVG-907", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-907" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8907", "reference_id": "CVE-2019-8907", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8907" }, { "reference_url": "https://usn.ubuntu.com/3911-1/", "reference_id": "USN-3911-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3911-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582960?format=api", "purl": "pkg:deb/debian/file@1:5.35-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-8907" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p13b-2a4m-sbfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56942?format=api", "vulnerability_id": "VCID-pwh8-7erv-sycw", "summary": "Vulnerabilities in file could allow a context-dependent attack to\n create a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9621.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9621.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79572", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79578", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79601", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79617", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79624", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79645", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01286", "scoring_system": "epss", "scoring_elements": "0.79622", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180642", "reference_id": "1180642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180642" }, { "reference_url": "https://security.gentoo.org/glsa/201503-08", "reference_id": "GLSA-201503-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-08" }, { "reference_url": "https://usn.ubuntu.com/3686-1/", "reference_id": "USN-3686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584525?format=api", "purl": "pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9621" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pwh8-7erv-sycw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60296?format=api", "vulnerability_id": "VCID-q9eh-jb32-xfgz", "summary": "A vulnerability in file could lead to a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81679", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81698", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81685", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81627", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81649", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81647", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01597", "scoring_system": "epss", "scoring_elements": "0.81674", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", "reference_id": "1590000", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590000" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901351", "reference_id": "901351", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901351" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", "reference_id": "CVE-2018-10360", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10360" }, { "reference_url": "https://security.gentoo.org/glsa/201806-08", "reference_id": "GLSA-201806-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201806-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1022", "reference_id": "RHSA-2020:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2521", "reference_id": "RHSA-2020:2521", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2768", "reference_id": "RHSA-2020:2768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2838", "reference_id": "RHSA-2020:2838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2838" }, { "reference_url": "https://usn.ubuntu.com/3686-1/", "reference_id": "USN-3686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-1/" }, { "reference_url": "https://usn.ubuntu.com/3686-2/", "reference_id": "USN-3686-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585866?format=api", "purl": "pkg:deb/debian/file@1:5.33-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.33-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10360" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9eh-jb32-xfgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31755?format=api", "vulnerability_id": "VCID-ruyb-ha6b-mbbj", "summary": "The code for parsing ELF headers in file contains a flaw which may allow an\n attacker to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90392", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90394", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90407", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90411", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90425", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90431", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0572", "scoring_system": "epss", "scoring_elements": "0.90439", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1304" }, { "reference_url": "http://securitytracker.com/id?1012433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1012433" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18368" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml" }, { "reference_url": "http://www.securityfocus.com/bid/11771", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/11771" }, { "reference_url": "http://www.trustix.net/errata/2004/0063/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.net/errata/2004/0063/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1304", "reference_id": "CVE-2004-1304", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1304" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24784.txt", "reference_id": "CVE-2004-1304;OSVDB-12255", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24784.txt" }, { "reference_url": "https://www.securityfocus.com/bid/11771/info", "reference_id": "CVE-2004-1304;OSVDB-12255", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/11771/info" }, { "reference_url": "https://security.gentoo.org/glsa/200412-07", "reference_id": "GLSA-200412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200412-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586672?format=api", "purl": "pkg:deb/debian/file@4.12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1304" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ruyb-ha6b-mbbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88156?format=api", "vulnerability_id": "VCID-sfee-nuzx-dyfq", "summary": "file: multiple memory corruption issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0947.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.601", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60177", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60202", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60171", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60221", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60235", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60243", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60226", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=498682", "reference_id": "498682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=498682" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585447?format=api", "purl": "pkg:deb/debian/file@5.02-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0947" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sfee-nuzx-dyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89734?format=api", "vulnerability_id": "VCID-sh5e-9eup-pbft", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0102.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.9221", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92217", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92223", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92226", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92237", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92241", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92247", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08278", "scoring_system": "epss", "scoring_elements": "0.92244", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0102" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616966", "reference_id": "1616966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616966" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22324.c", "reference_id": "CVE-2003-0102;OSVDB-6456", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22324.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22325.c", "reference_id": "CVE-2003-0102;OSVDB-6456", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22325.c" }, { "reference_url": "https://www.securityfocus.com/bid/7008/info", "reference_id": "CVE-2003-0102;OSVDB-6456", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/7008/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:086", "reference_id": "RHSA-2003:086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:087", "reference_id": "RHSA-2003:087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:087" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585720?format=api", "purl": "pkg:deb/debian/file@3.40-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@3.40-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0102" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sh5e-9eup-pbft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82904?format=api", "vulnerability_id": "VCID-t8q1-8y52-e7dp", "summary": "file: out-of-bounds read in do_core_note in readelf.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22887", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22966", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23018", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22999", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22893", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8906" }, { "reference_url": "https://bugs.astron.com/view.php?id=64", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.astron.com/view.php?id=64" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f" }, { "reference_url": "https://support.apple.com/kb/HT209599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT209599" }, { "reference_url": "https://support.apple.com/kb/HT209600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT209600" }, { "reference_url": "https://support.apple.com/kb/HT209601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT209601" }, { "reference_url": "https://support.apple.com/kb/HT209602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT209602" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679175", "reference_id": "1679175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679175" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969", "reference_id": "922969", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969" }, { "reference_url": "https://security.archlinux.org/ASA-201903-5", "reference_id": "ASA-201903-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201903-5" }, { "reference_url": "https://security.archlinux.org/AVG-907", "reference_id": "AVG-907", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-907" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8906", "reference_id": "CVE-2019-8906", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8906" }, { "reference_url": "https://usn.ubuntu.com/3911-1/", "reference_id": "USN-3911-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3911-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582960?format=api", "purl": "pkg:deb/debian/file@1:5.35-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-8906" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8q1-8y52-e7dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91973?format=api", "vulnerability_id": "VCID-udeq-mpc8-rucw", "summary": "Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75235", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75239", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75271", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.7529", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75321", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75299", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00876", "scoring_system": "epss", "scoring_elements": "0.75288", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585355?format=api", "purl": "pkg:deb/debian/file@5.03-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.03-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3930" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-udeq-mpc8-rucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41432?format=api", "vulnerability_id": "VCID-x969-386f-h7g3", "summary": "A vulnerability in file could allow a context-dependent attack to\n create a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2015-0040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2015-0040.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0760.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8117.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8117.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94889", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94852", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94862", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94865", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94868", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94877", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.9488", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94885", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16453", "scoring_system": "epss", "scoring_elements": "0.94887", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652" }, { "reference_url": "http://seclists.org/oss-sec/2014/q4/1056", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q4/1056" }, { "reference_url": "http://secunia.com/advisories/61944", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61944" }, { "reference_url": "http://secunia.com/advisories/62081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62081" }, { "reference_url": "https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog" }, { "reference_url": "https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c" }, { "reference_url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/71692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71692" }, { "reference_url": "http://www.securitytracker.com/id/1031344", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031344" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2494-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2494-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2535-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2535-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174606", "reference_id": "1174606", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174606" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148", "reference_id": "773148", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8117", "reference_id": "CVE-2014-8117", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8117" }, { "reference_url": "https://security.gentoo.org/glsa/201412-48", "reference_id": "GLSA-201412-48", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-48" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0760", "reference_id": "RHSA-2016:0760", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0760" }, { "reference_url": "https://usn.ubuntu.com/2494-1/", "reference_id": "USN-2494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2494-1/" }, { "reference_url": "https://usn.ubuntu.com/2535-1/", "reference_id": "USN-2535-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2535-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584525?format=api", "purl": "pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8117" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x969-386f-h7g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51481?format=api", "vulnerability_id": "VCID-xfmq-b6kr-63hx", "summary": "A vulnerability in file could result in Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1943.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1943.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95678", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95688", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95693", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95704", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95711", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21485", "scoring_system": "epss", "scoring_elements": "0.95713", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065836", "reference_id": "1065836", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065836" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738832", "reference_id": "738832", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738832" }, { "reference_url": "https://security.gentoo.org/glsa/201403-03", "reference_id": "GLSA-201403-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201403-03" }, { "reference_url": "https://security.gentoo.org/glsa/201408-11", "reference_id": "GLSA-201408-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1012", "reference_id": "RHSA-2014:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1606", "reference_id": "RHSA-2014:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://usn.ubuntu.com/2123-1/", "reference_id": "USN-2123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2123-1/" }, { "reference_url": "https://usn.ubuntu.com/2126-1/", "reference_id": "USN-2126-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2126-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584379?format=api", "purl": "pkg:deb/debian/file@1:5.17-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1943" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfmq-b6kr-63hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56039?format=api", "vulnerability_id": "VCID-xfpj-zu5q-tqa7", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.95387", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.9535", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.95359", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.95365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.9537", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.95377", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.9538", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19441", "scoring_system": "epss", "scoring_elements": "0.95384", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3487" }, { "reference_url": "https://bugs.php.net/bug.php?id=67413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=67413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.securityfocus.com/bid/68120", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68120" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107544", "reference_id": "1107544", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107544" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3487", "reference_id": "CVE-2014-3487", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1013", "reference_id": "RHSA-2014:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3487" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfpj-zu5q-tqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56036?format=api", "vulnerability_id": "VCID-xmxy-f5cc-qygp", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" }, { "reference_url": "http://mx.gw.com/pipermail/file/2014/001553.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://mx.gw.com/pipermail/file/2014/001553.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96168", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96176", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96183", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96186", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96196", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96199", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96203", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25344", "scoring_system": "epss", "scoring_elements": "0.96205", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3478" }, { "reference_url": "https://bugs.php.net/bug.php?id=67410", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "https://bugs.php.net/bug.php?id=67410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721" }, { "reference_url": "http://secunia.com/advisories/59794", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://secunia.com/advisories/59794" }, { "reference_url": "http://secunia.com/advisories/59831", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://secunia.com/advisories/59831" }, { "reference_url": "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://support.apple.com/kb/HT6443", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://support.apple.com/kb/HT6443" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2974", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2974" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3021", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3021" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.securityfocus.com/bid/68239", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/" } ], "url": "http://www.securityfocus.com/bid/68239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104863", "reference_id": "1104863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104863" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3478", "reference_id": "CVE-2014-3478", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1327", "reference_id": "RHSA-2014:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1765", "reference_id": "RHSA-2014:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1766", "reference_id": "RHSA-2014:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2155", "reference_id": "RHSA-2015:2155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2155" }, { "reference_url": "https://usn.ubuntu.com/2276-1/", "reference_id": "USN-2276-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2276-1/" }, { "reference_url": "https://usn.ubuntu.com/2278-1/", "reference_id": "USN-2278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583488?format=api", "purl": "pkg:deb/debian/file@1:5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3478" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xmxy-f5cc-qygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32133?format=api", "vulnerability_id": "VCID-y3q6-fuvj-sfba", "summary": "An integer underflow vulnerability has been reported in The Sleuth Kit\n allowing for the user-assisted execution of arbitrary code.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=307562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://docs.info.apple.com/article.html?artnum=307562" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" }, { "reference_url": "http://osvdb.org/38498", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/38498" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2799.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87524", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87534", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87568", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87586", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87582", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2799" }, { "reference_url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799" }, { "reference_url": "http://secunia.com/advisories/25394", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25394" }, { "reference_url": "http://secunia.com/advisories/25544", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25544" }, { "reference_url": "http://secunia.com/advisories/25578", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25578" }, { "reference_url": "http://secunia.com/advisories/25931", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25931" }, { "reference_url": "http://secunia.com/advisories/26203", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26203" }, { "reference_url": "http://secunia.com/advisories/26294", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26294" }, { "reference_url": "http://secunia.com/advisories/26415", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26415" }, { "reference_url": "http://secunia.com/advisories/29179", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/29179" }, { "reference_url": "http://secunia.com/advisories/29420", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/29420" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1311" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm" }, { "reference_url": "http://www.amavis.org/security/asa-2007-3.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.amavis.org/security/asa-2007-3.txt" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1343", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1343" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_40_file.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/24146", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24146" }, { "reference_url": "http://www.securitytracker.com/id?1018140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018140" }, { "reference_url": "http://www.trustix.org/errata/2007/0024/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0024/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-439-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-439-2" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2071", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2071" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0924/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0924/references" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=241022", "reference_id": "241022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241022" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428293", "reference_id": "428293", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428293" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sleuth_kit:the_sleuth_kith:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sleuth_kit:the_sleuth_kith:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sleuth_kit:the_sleuth_kith:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2799", "reference_id": "CVE-2007-2799", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2799" }, { "reference_url": "https://security.gentoo.org/glsa/200705-25", "reference_id": "GLSA-200705-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-25" }, { "reference_url": "https://security.gentoo.org/glsa/200710-19", "reference_id": "GLSA-200710-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0391", "reference_id": "RHSA-2007:0391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0391" }, { "reference_url": "https://usn.ubuntu.com/439-2/", "reference_id": "USN-439-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/439-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584896?format=api", "purl": "pkg:deb/debian/file@4.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-2799" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3q6-fuvj-sfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47795?format=api", "vulnerability_id": "VCID-zkut-a5an-r7ae", "summary": "Multiple vulnerabilities have been found in file, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://bugs.gw.com/view.php?id=522", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.gw.com/view.php?id=522" }, { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77084", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77144", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77172", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.7709", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.7712", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77102", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77135", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8865" }, { "reference_url": "https://bugs.php.net/bug.php?id=71527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/bug.php?id=71527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.gentoo.org/glsa/201611-22", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-22" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3560" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/24/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/24/1" }, { "reference_url": "http://www.php.net/ChangeLog-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.php.net/ChangeLog-5.php" }, { "reference_url": "http://www.php.net/ChangeLog-7.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.php.net/ChangeLog-7.php" }, { "reference_url": "http://www.securityfocus.com/bid/85802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85802" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2952-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2952-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2952-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2952-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323118", "reference_id": "1323118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323118" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377", "reference_id": "827377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8865", "reference_id": "CVE-2015-8865", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8865" }, { "reference_url": "https://security.gentoo.org/glsa/201701-42", "reference_id": "GLSA-201701-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2984-1/", "reference_id": "USN-2984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2984-1/" }, { "reference_url": "https://usn.ubuntu.com/3686-1/", "reference_id": "USN-3686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-1/" }, { "reference_url": "https://usn.ubuntu.com/3686-2/", "reference_id": "USN-3686-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3686-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583395?format=api", "purl": "pkg:deb/debian/file@1:5.24-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.24-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-8865" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkut-a5an-r7ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82776?format=api", "vulnerability_id": "VCID-zqgq-d1nu-qbd5", "summary": "file: stack-based buffer over-read in do_bid_note in readelf.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8904.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68638", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.687", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.6872", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68743", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68729", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68674", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68651", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8904" }, { "reference_url": "https://bugs.astron.com/view.php?id=62", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.astron.com/view.php?id=62" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8904" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/107130", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107130" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679188", "reference_id": "1679188", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679188" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922967", "reference_id": "922967", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922967" }, { "reference_url": "https://security.archlinux.org/ASA-201903-5", "reference_id": "ASA-201903-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201903-5" }, { "reference_url": "https://security.archlinux.org/AVG-907", "reference_id": "AVG-907", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-907" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8904", "reference_id": "CVE-2019-8904", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8904" }, { "reference_url": "https://usn.ubuntu.com/3911-1/", "reference_id": "USN-3911-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3911-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582960?format=api", "purl": "pkg:deb/debian/file@1:5.35-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582961?format=api", "purl": "pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582962?format=api", "purl": "pkg:deb/debian/file@1:5.44-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582963?format=api", "purl": "pkg:deb/debian/file@1:5.46-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-8904" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqgq-d1nu-qbd5" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie" }