{"url":"http://public2.vulnerablecode.io/api/packages/77245?format=json","purl":"pkg:ebuild/sys-apps/file@5.23","type":"ebuild","namespace":"sys-apps","name":"file","version":"5.23","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.32","latest_non_vulnerable_version":"5.42","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47794?format=json","vulnerability_id":"VCID-53je-bpjt-z7gc","summary":"Multiple vulnerabilities have been found in file, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9653","reference_id":"","reference_type":"","scores":[{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91291","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91296","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91307","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91313","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91326","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91331","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91339","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91341","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.9134","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91364","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91366","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91375","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91374","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91388","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91404","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91414","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91412","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91422","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91431","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91437","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190116","reference_id":"1190116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190116"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585","reference_id":"777585","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77245?format=json","purl":"pkg:ebuild/sys-apps/file@5.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-apps/file@5.23"}],"aliases":["CVE-2014-9653"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53je-bpjt-z7gc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38732?format=json","vulnerability_id":"VCID-h7b6-23hp-8ycj","summary":"Multiple vulnerabilities have been discovered in PHP, the worst of\n    which could lead to remote execution of arbitrary code.","references":[{"reference_url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d","reference_id":"","reference_type":"","scores":[],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d"},{"reference_url":"http://linux.oracle.com/errata/ELSA-2014-1767.html","reference_id":"","reference_type":"","scores":[],"url":"http://linux.oracle.com/errata/ELSA-2014-1767.html"},{"reference_url":"http://linux.oracle.com/errata/ELSA-2014-1768.html","reference_id":"","reference_type":"","scores":[],"url":"http://linux.oracle.com/errata/ELSA-2014-1768.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1767.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1767.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1768.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1768.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0760.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0760.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3710","reference_id":"","reference_type":"","scores":[{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.9169","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91725","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91731","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91735","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91732","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91745","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91747","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91749","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91699","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91704","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0739","scoring_system":"epss","scoring_elements":"0.91712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92185","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92188","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92196","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92215","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92223","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92152","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92163","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.92176","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3710"},{"reference_url":"https://bugs.php.net/bug.php?id=68283","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=68283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710"},{"reference_url":"http://secunia.com/advisories/60630","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60630"},{"reference_url":"http://secunia.com/advisories/60699","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60699"},{"reference_url":"http://secunia.com/advisories/61763","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61763"},{"reference_url":"http://secunia.com/advisories/61970","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61970"},{"reference_url":"http://secunia.com/advisories/61982","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61982"},{"reference_url":"http://secunia.com/advisories/62347","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62347"},{"reference_url":"http://secunia.com/advisories/62559","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62559"},{"reference_url":"https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc","reference_id":"","reference_type":"","scores":[],"url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc"},{"reference_url":"http://www.debian.org/security/2014/dsa-3072","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3072"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/70807","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70807"},{"reference_url":"http://www.securitytracker.com/id/1031344","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031344"},{"reference_url":"http://www.ubuntu.com/usn/USN-2391-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2391-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2494-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2494-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1155071","reference_id":"1155071","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1155071"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806","reference_id":"768806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3710","reference_id":"CVE-2014-3710","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3710"},{"reference_url":"https://security.gentoo.org/glsa/201503-03","reference_id":"GLSA-201503-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-03"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1767","reference_id":"RHSA-2014:1767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1768","reference_id":"RHSA-2014:1768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/2391-1/","reference_id":"USN-2391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2391-1/"},{"reference_url":"https://usn.ubuntu.com/2494-1/","reference_id":"USN-2494-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2494-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77245?format=json","purl":"pkg:ebuild/sys-apps/file@5.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-apps/file@5.23"}],"aliases":["CVE-2014-3710"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7b6-23hp-8ycj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47793?format=json","vulnerability_id":"VCID-nfd8-hxvz-x3au","summary":"Multiple vulnerabilities have been found in file, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9652","reference_id":"","reference_type":"","scores":[{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90465","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90469","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90481","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90486","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90499","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90505","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90513","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90512","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90506","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90524","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90522","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90534","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90531","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90559","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.9057","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90567","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90577","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.9059","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05795","scoring_system":"epss","scoring_elements":"0.90596","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1188599","reference_id":"1188599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1188599"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1053","reference_id":"RHSA-2015:1053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1066","reference_id":"RHSA-2015:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1135","reference_id":"RHSA-2015:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2501-1/","reference_id":"USN-2501-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2501-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77245?format=json","purl":"pkg:ebuild/sys-apps/file@5.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-apps/file@5.23"}],"aliases":["CVE-2014-9652"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nfd8-hxvz-x3au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47795?format=json","vulnerability_id":"VCID-zkut-a5an-r7ae","summary":"Multiple vulnerabilities have been found in file, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://bugs.gw.com/view.php?id=522","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gw.com/view.php?id=522"},{"reference_url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e","reference_id":"","reference_type":"","scores":[],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2750.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2750.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8865","reference_id":"","reference_type":"","scores":[{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77084","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77356","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7728","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77296","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77342","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7709","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7712","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77144","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77187","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77188","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77214","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7722","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77241","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7727","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.7729","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8865"},{"reference_url":"https://bugs.php.net/bug.php?id=71527","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=71527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"},{"reference_url":"https://security.gentoo.org/glsa/201611-22","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-22"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"http://www.debian.org/security/2016/dsa-3560","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3560"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/04/24/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/04/24/1"},{"reference_url":"http://www.php.net/ChangeLog-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/ChangeLog-5.php"},{"reference_url":"http://www.php.net/ChangeLog-7.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/ChangeLog-7.php"},{"reference_url":"http://www.securityfocus.com/bid/85802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/85802"},{"reference_url":"http://www.ubuntu.com/usn/USN-2952-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2952-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2952-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2952-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323118","reference_id":"1323118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323118"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377","reference_id":"827377","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8865","reference_id":"CVE-2015-8865","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8865"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2750","reference_id":"RHSA-2016:2750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2750"},{"reference_url":"https://usn.ubuntu.com/2984-1/","reference_id":"USN-2984-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2984-1/"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"},{"reference_url":"https://usn.ubuntu.com/3686-2/","reference_id":"USN-3686-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77245?format=json","purl":"pkg:ebuild/sys-apps/file@5.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-apps/file@5.23"}],"aliases":["CVE-2015-8865"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkut-a5an-r7ae"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/sys-apps/file@5.23"}