{"url":"http://public2.vulnerablecode.io/api/packages/583395?format=json","purl":"pkg:deb/debian/file@1:5.24-1?distro=trixie","type":"deb","namespace":"debian","name":"file","version":"1:5.24-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:5.32-1","latest_non_vulnerable_version":"1:5.46-5","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47795?format=json","vulnerability_id":"VCID-zkut-a5an-r7ae","summary":"Multiple vulnerabilities have been found in file, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://bugs.gw.com/view.php?id=522","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gw.com/view.php?id=522"},{"reference_url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e","reference_id":"","reference_type":"","scores":[],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2750.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2750.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8865","reference_id":"","reference_type":"","scores":[{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77084","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77342","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7729","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7728","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77296","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7709","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7712","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77144","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77187","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77188","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77214","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7722","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77241","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7727","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8865"},{"reference_url":"https://bugs.php.net/bug.php?id=71527","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=71527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"},{"reference_url":"https://security.gentoo.org/glsa/201611-22","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-22"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"http://www.debian.org/security/2016/dsa-3560","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3560"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/04/24/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/04/24/1"},{"reference_url":"http://www.php.net/ChangeLog-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/ChangeLog-5.php"},{"reference_url":"http://www.php.net/ChangeLog-7.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/ChangeLog-7.php"},{"reference_url":"http://www.securityfocus.com/bid/85802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/85802"},{"reference_url":"http://www.ubuntu.com/usn/USN-2952-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2952-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2952-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2952-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323118","reference_id":"1323118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323118"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377","reference_id":"827377","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8865","reference_id":"CVE-2015-8865","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8865"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2750","reference_id":"RHSA-2016:2750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2750"},{"reference_url":"https://usn.ubuntu.com/2984-1/","reference_id":"USN-2984-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2984-1/"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"},{"reference_url":"https://usn.ubuntu.com/3686-2/","reference_id":"USN-3686-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583395?format=json","purl":"pkg:deb/debian/file@1:5.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582961?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582962?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582963?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"}],"aliases":["CVE-2015-8865"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkut-a5an-r7ae"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.24-1%3Fdistro=trixie"}