{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","type":"ebuild","namespace":"dev-lang","name":"php","version":"5.2.6-r6","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.2.12","latest_non_vulnerable_version":"8.3.12","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42193?format=json","vulnerability_id":"VCID-21m2-srah-5fcn","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=234102","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=234102"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://news.php.net/php.cvs/51219","reference_id":"","reference_type":"","scores":[],"url":"http://news.php.net/php.cvs/51219"},{"reference_url":"http://osvdb.org/47484","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/47484"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3658.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3658","reference_id":"","reference_type":"","scores":[{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93304","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93381","published_at":"2026-05-07T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93391","published_at":"2026-05-11T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93398","published_at":"2026-05-12T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93312","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93318","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93316","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93325","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93329","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93334","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93332","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93333","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93351","published_at":"2026-04-16T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93356","published_at":"2026-04-18T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93363","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93367","published_at":"2026-04-24T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93361","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10745","scoring_system":"epss","scoring_elements":"0.93369","published_at":"2026-05-05T12:55:00Z"},{"value":"0.12532","scoring_system":"epss","scoring_elements":"0.94018","published_at":"2026-05-15T12:55:00Z"},{"value":"0.12532","scoring_system":"epss","scoring_elements":"0.94015","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3658"},{"reference_url":"http://secunia.com/advisories/31982","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31982"},{"reference_url":"http://secunia.com/advisories/32148","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32148"},{"reference_url":"http://secunia.com/advisories/32316","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32316"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/32884","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32884"},{"reference_url":"http://secunia.com/advisories/33797","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33797"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35306","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35306"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44401","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44401"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9724","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9724"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035"},{"reference_url":"http://www.debian.org/security/2008/dsa-1647","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1647"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:021","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:021"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:024","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:024"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/08/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/08/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/13/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/13/8"},{"reference_url":"http://www.php.net/archive/2008.php#id2008-08-07-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/archive/2008.php#id2008-08-07-1"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0350.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0350.html"},{"reference_url":"http://www.securityfocus.com/archive/1/498647/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498647/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30649","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30649"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2336","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2336"},{"reference_url":"http://www.vupen.com/english/advisories/2008/3275","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/3275"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0320","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0320"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=459529","reference_id":"459529","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=459529"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3658","reference_id":"CVE-2008-3658","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3658"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0337","reference_id":"RHSA-2009:0337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0338","reference_id":"RHSA-2009:0338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0338"},{"reference_url":"https://usn.ubuntu.com/720-1/","reference_id":"USN-720-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/720-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-3658"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21m2-srah-5fcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42188?format=json","vulnerability_id":"VCID-3shx-e17g-suat","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2107","reference_id":"","reference_type":"","scores":[{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86722","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86733","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86752","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86751","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.8677","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86793","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86789","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86785","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.868","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86804","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86802","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86818","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86824","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86825","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86849","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86867","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86885","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86882","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86894","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86924","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03088","scoring_system":"epss","scoring_elements":"0.86932","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2107"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=445684","reference_id":"445684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=445684"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0544","reference_id":"RHSA-2008:0544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0545","reference_id":"RHSA-2008:0545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0546","reference_id":"RHSA-2008:0546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0582","reference_id":"RHSA-2008:0582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0582"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2107"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3shx-e17g-suat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42195?format=json","vulnerability_id":"VCID-4urv-z3q8-gfc3","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=234102","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=234102"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3660.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3660.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3660","reference_id":"","reference_type":"","scores":[{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94439","published_at":"2026-05-15T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94382","published_at":"2026-04-29T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94384","published_at":"2026-04-21T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94385","published_at":"2026-04-26T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94389","published_at":"2026-05-05T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94397","published_at":"2026-05-07T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.9441","published_at":"2026-05-09T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94417","published_at":"2026-05-11T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94423","published_at":"2026-05-12T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94436","published_at":"2026-05-14T12:55:00Z"},{"value":"0.1412","scoring_system":"epss","scoring_elements":"0.94377","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94731","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.9474","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94744","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94754","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94758","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94762","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15974","scoring_system":"epss","scoring_elements":"0.94766","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3660"},{"reference_url":"http://secunia.com/advisories/31982","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31982"},{"reference_url":"http://secunia.com/advisories/32148","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32148"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35306","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35306"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35650"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44402","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44402"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035"},{"reference_url":"http://www.debian.org/security/2008/dsa-1647","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1647"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:021","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:021"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:024","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:024"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/08/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/08/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/13/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/13/8"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0350.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0350.html"},{"reference_url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded"},{"reference_url":"http://www.securitytracker.com/id?1020994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020994"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2336","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2336"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=459572","reference_id":"459572","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=459572"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3660","reference_id":"CVE-2008-3660","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3660"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0337","reference_id":"RHSA-2009:0337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0338","reference_id":"RHSA-2009:0338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0338"},{"reference_url":"https://usn.ubuntu.com/720-1/","reference_id":"USN-720-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/720-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-3660"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4urv-z3q8-gfc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40861?format=json","vulnerability_id":"VCID-6dhr-bpqk-gfds","summary":"A buffer overflow vulnerability has been discovered in PCRE, allowing for\n    the execution of arbitrary code and a Denial of Service.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=228091","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=228091"},{"reference_url":"http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes","reference_id":"","reference_type":"","scores":[],"url":"http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2371.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2371.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2371","reference_id":"","reference_type":"","scores":[{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88752","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88586","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88595","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88612","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88632","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88637","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88649","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88641","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88655","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88651","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.8865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88665","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88671","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.8867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88681","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88697","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88709","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88706","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88717","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04128","scoring_system":"epss","scoring_elements":"0.88741","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2371"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371"},{"reference_url":"http://secunia.com/advisories/30916","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30916"},{"reference_url":"http://secunia.com/advisories/30944","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30944"},{"reference_url":"http://secunia.com/advisories/30945","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30945"},{"reference_url":"http://secunia.com/advisories/30958","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30958"},{"reference_url":"http://secunia.com/advisories/30961","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30961"},{"reference_url":"http://secunia.com/advisories/30967","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30967"},{"reference_url":"http://secunia.com/advisories/30972","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30972"},{"reference_url":"http://secunia.com/advisories/30990","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30990"},{"reference_url":"http://secunia.com/advisories/31200","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31200"},{"reference_url":"http://secunia.com/advisories/32222","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32222"},{"reference_url":"http://secunia.com/advisories/32454","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32454"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35650"},{"reference_url":"http://secunia.com/advisories/39300","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/39300"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00105.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00105.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00123.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00123.html"},{"reference_url":"http://ubuntu.com/usn/usn-624-2","reference_id":"","reference_type":"","scores":[],"url":"http://ubuntu.com/usn/usn-624-2"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305"},{"reference_url":"http://www.debian.org/security/2008/dsa-1602","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1602"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200807-03.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200807-03.xml"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:147","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:147"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"},{"reference_url":"http://www.securityfocus.com/archive/1/497828/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/497828/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30087","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30087"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.ubuntu.com/usn/usn-624-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-624-1"},{"reference_url":"http://www.ubuntu.com/usn/usn-628-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-628-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2005","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2005"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2006","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2006"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2336","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2336"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2780","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0833","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/0833"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=452079","reference_id":"452079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=452079"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488919","reference_id":"488919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488919"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pcre:pcre:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2371","reference_id":"CVE-2008-2371","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2371"},{"reference_url":"https://security.gentoo.org/glsa/200807-03","reference_id":"GLSA-200807-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-03"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/624-1/","reference_id":"USN-624-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/624-1/"},{"reference_url":"https://usn.ubuntu.com/624-2/","reference_id":"USN-624-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/624-2/"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2371"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6dhr-bpqk-gfds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42194?format=json","vulnerability_id":"VCID-6v11-qb34-5ydb","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=234102","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=234102"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://news.php.net/php.cvs/52002","reference_id":"","reference_type":"","scores":[],"url":"http://news.php.net/php.cvs/52002"},{"reference_url":"http://osvdb.org/47483","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/47483"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3659.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3659.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3659","reference_id":"","reference_type":"","scores":[{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94351","published_at":"2026-04-01T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94435","published_at":"2026-05-09T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94442","published_at":"2026-05-11T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94449","published_at":"2026-05-12T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.9436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.9437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94371","published_at":"2026-04-07T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94381","published_at":"2026-04-08T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94385","published_at":"2026-04-09T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94388","published_at":"2026-04-11T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94389","published_at":"2026-04-12T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.9439","published_at":"2026-04-13T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94405","published_at":"2026-04-16T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.9441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94413","published_at":"2026-04-21T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94414","published_at":"2026-04-24T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94412","published_at":"2026-04-26T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94416","published_at":"2026-05-05T12:55:00Z"},{"value":"0.14232","scoring_system":"epss","scoring_elements":"0.94423","published_at":"2026-05-07T12:55:00Z"},{"value":"0.16468","scoring_system":"epss","scoring_elements":"0.94956","published_at":"2026-05-14T12:55:00Z"},{"value":"0.16468","scoring_system":"epss","scoring_elements":"0.94959","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3659"},{"reference_url":"http://secunia.com/advisories/31982","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31982"},{"reference_url":"http://secunia.com/advisories/32148","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32148"},{"reference_url":"http://secunia.com/advisories/32316","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32316"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35650"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44405","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44405"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035"},{"reference_url":"http://www.debian.org/security/2008/dsa-1647","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1647"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:021","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:021"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:024","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:024"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/08/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/08/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/08/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/08/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/08/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/08/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/13/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/13/8"},{"reference_url":"http://www.php.net/archive/2008.php#id2008-08-07-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/archive/2008.php#id2008-08-07-1"},{"reference_url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded"},{"reference_url":"http://www.securitytracker.com/id?1020995","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020995"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2336","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2336"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=459569","reference_id":"459569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=459569"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3659","reference_id":"CVE-2008-3659","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3659"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/720-1/","reference_id":"USN-720-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/720-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-3659"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6v11-qb34-5ydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42190?format=json","vulnerability_id":"VCID-746p-yjt4-jkfh","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2665.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2665","reference_id":"","reference_type":"","scores":[{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86934","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86724","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86734","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86754","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86772","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86781","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86794","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86791","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86786","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86802","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86806","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86804","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86821","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86827","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86851","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86869","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86887","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86884","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86896","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0309","scoring_system":"epss","scoring_elements":"0.86926","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2665"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35650"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"http://securityreason.com/achievement_securityalert/54","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/achievement_securityalert/54"},{"reference_url":"http://securityreason.com/securityalert/3941","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/3941"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43196","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43196"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035"},{"reference_url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29797","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29797"},{"reference_url":"http://www.securitytracker.com/id?1020327","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020327"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=452206","reference_id":"452206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=452206"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2665","reference_id":"CVE-2008-2665","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2665"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2665"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-746p-yjt4-jkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42184?format=json","vulnerability_id":"VCID-7np8-1zn4-zqdn","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1384.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1384","reference_id":"","reference_type":"","scores":[{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84879","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84912","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.8494","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84947","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.8496","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84977","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84978","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0237","scoring_system":"epss","scoring_elements":"0.84975","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85905","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85913","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85933","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85955","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85973","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85971","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.85985","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.8602","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02693","scoring_system":"epss","scoring_elements":"0.8603","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1384"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=439298","reference_id":"439298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=439298"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-1384"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7np8-1zn4-zqdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42185?format=json","vulnerability_id":"VCID-7x5g-2nwg-8kh6","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2050.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2050","reference_id":"","reference_type":"","scores":[{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91161","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91167","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91175","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91196","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91202","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91209","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91236","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91235","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91237","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91248","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91247","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91246","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91261","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91278","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91289","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91287","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91297","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91306","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06654","scoring_system":"epss","scoring_elements":"0.91312","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2050"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=445002","reference_id":"445002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=445002"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2050"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x5g-2nwg-8kh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33673?format=json","vulnerability_id":"VCID-89gs-mhbc-dyda","summary":"A buffer overflow vulnerability has been discovered in PCRE, allowing for\n    the execution of arbitrary code and Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0674.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0674.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0674","reference_id":"","reference_type":"","scores":[{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95601","published_at":"2026-04-01T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.9561","published_at":"2026-04-02T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95615","published_at":"2026-04-04T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95618","published_at":"2026-04-07T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95626","published_at":"2026-04-08T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95637","published_at":"2026-04-13T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95646","published_at":"2026-04-16T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95649","published_at":"2026-04-18T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.9565","published_at":"2026-04-21T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95651","published_at":"2026-04-29T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95653","published_at":"2026-04-26T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95666","published_at":"2026-05-05T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95669","published_at":"2026-05-07T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95675","published_at":"2026-05-09T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95681","published_at":"2026-05-11T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95686","published_at":"2026-05-12T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95699","published_at":"2026-05-14T12:55:00Z"},{"value":"0.2096","scoring_system":"epss","scoring_elements":"0.95701","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=431660","reference_id":"431660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=431660"},{"reference_url":"https://security.gentoo.org/glsa/200803-24","reference_id":"GLSA-200803-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-24"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/581-1/","reference_id":"USN-581-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/581-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-0674"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-89gs-mhbc-dyda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42186?format=json","vulnerability_id":"VCID-cthn-r5ae-qucm","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2051.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2051.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2051","reference_id":"","reference_type":"","scores":[{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91042","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91047","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91056","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91065","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91077","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91092","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91116","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91119","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91133","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.9113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91139","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91154","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91165","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91174","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91185","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91192","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2051"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=445006","reference_id":"445006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=445006"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0544","reference_id":"RHSA-2008:0544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0545","reference_id":"RHSA-2008:0545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0546","reference_id":"RHSA-2008:0546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0582","reference_id":"RHSA-2008:0582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0582"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2051"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cthn-r5ae-qucm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42189?format=json","vulnerability_id":"VCID-f9wq-evsy-4qc8","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2108.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2108","reference_id":"","reference_type":"","scores":[{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90279","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90282","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90295","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90314","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90321","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90329","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90328","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90322","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90338","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90335","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.9035","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90346","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90359","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90376","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90387","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90383","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90392","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90406","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05607","scoring_system":"epss","scoring_elements":"0.90413","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2108"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=445685","reference_id":"445685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=445685"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0544","reference_id":"RHSA-2008:0544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0545","reference_id":"RHSA-2008:0545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0546","reference_id":"RHSA-2008:0546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0582","reference_id":"RHSA-2008:0582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0582"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2108"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9wq-evsy-4qc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42191?format=json","vulnerability_id":"VCID-h6z6-uwnc-u7hj","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2666.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2666.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2666","reference_id":"","reference_type":"","scores":[{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91731","published_at":"2026-05-15T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91617","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91624","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9163","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91638","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9165","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91656","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9166","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91662","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91659","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9168","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91672","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91679","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91677","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91687","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91699","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91709","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91707","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91716","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91722","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2666"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35650"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"http://securityreason.com/achievement_securityalert/55","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/achievement_securityalert/55"},{"reference_url":"http://securityreason.com/securityalert/3942","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/3942"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43198","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43198"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035"},{"reference_url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29796","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29796"},{"reference_url":"http://www.securitytracker.com/id?1020328","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020328"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=452207","reference_id":"452207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=452207"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2666","reference_id":"CVE-2008-2666","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2666"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/local/31937.txt","reference_id":"CVE-2008-2666;OSVDB-46638","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/local/31937.txt"},{"reference_url":"https://www.securityfocus.com/bid/29796/info","reference_id":"CVE-2008-2666;OSVDB-46638","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/29796/info"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2666"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6z6-uwnc-u7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42192?format=json","vulnerability_id":"VCID-x1em-879j-3uf5","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://bugs.php.net/bug.php?id=42862","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.php.net/bug.php?id=42862"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://osvdb.org/46641","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/46641"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2829.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2829","reference_id":"","reference_type":"","scores":[{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92984","published_at":"2026-05-15T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92868","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92879","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92885","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92894","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92893","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92906","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92912","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92915","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92917","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92913","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92921","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92933","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92944","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92947","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92955","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92978","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2829"},{"reference_url":"https://bugs.gentoo.org/show_bug.cgi?id=221969","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.gentoo.org/show_bug.cgi?id=221969"},{"reference_url":"http://secunia.com/advisories/31200","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31200"},{"reference_url":"http://secunia.com/advisories/32746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32746"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35306","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35306"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35650"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200811-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200811-05.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43357","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43357"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0035"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:126","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:126"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:127","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:127"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:128","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:128"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/06/19/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/06/19/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/06/24/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/06/24/2"},{"reference_url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501376/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29829","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29829"},{"reference_url":"http://www.ubuntu.com/usn/usn-628-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-628-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=452808","reference_id":"452808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=452808"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2829","reference_id":"CVE-2008-2829","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2829"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-2829"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x1em-879j-3uf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42183?format=json","vulnerability_id":"VCID-ywkk-h3sj-j3c8","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0599.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0599","reference_id":"","reference_type":"","scores":[{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97237","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97242","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97247","published_at":"2026-04-04T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97248","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97255","published_at":"2026-04-08T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97256","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97259","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97261","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97268","published_at":"2026-04-16T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.9727","published_at":"2026-04-18T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97273","published_at":"2026-04-21T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97274","published_at":"2026-04-26T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97276","published_at":"2026-04-29T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97281","published_at":"2026-05-05T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97286","published_at":"2026-05-07T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.9729","published_at":"2026-05-09T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97296","published_at":"2026-05-11T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97301","published_at":"2026-05-12T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.97309","published_at":"2026-05-14T12:55:00Z"},{"value":"0.38875","scoring_system":"epss","scoring_elements":"0.9731","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0599"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=445003","reference_id":"445003","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=445003"},{"reference_url":"https://security.gentoo.org/glsa/200811-05","reference_id":"GLSA-200811-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200811-05"},{"reference_url":"https://usn.ubuntu.com/628-1/","reference_id":"USN-628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/628-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75975?format=json","purl":"pkg:ebuild/dev-lang/php@5.2.6-r6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}],"aliases":["CVE-2008-0599"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywkk-h3sj-j3c8"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6"}