{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86230?format=json","vulnerability_id":"VCID-wm74-zj9s-4fbu","summary":"php: ArrayIterator use-after-free due to object change during sorting","aliases":[{"alias":"CVE-2014-4698"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121485?format=json","purl":"pkg:rpm/redhat/php@5.3.3-27.el6_5?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-wm74-zj9s-4fbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.3.3-27.el6_5%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/121484?format=json","purl":"pkg:rpm/redhat/php@5.4.16-23.el7_0?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-5xgj-hjsk-r3h5"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-kj2f-8vd4-quep"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-wm74-zj9s-4fbu"},{"vulnerability":"VCID-xmxy-f5cc-qygp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.4.16-23.el7_0%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/121483?format=json","purl":"pkg:rpm/redhat/php53@5.3.3-24?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-wm74-zj9s-4fbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php53@5.3.3-24%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/121006?format=json","purl":"pkg:rpm/redhat/php54-php@5.4.16-22?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1wcd-dm5g-j7g7"},{"vulnerability":"VCID-241u-c539-sudk"},{"vulnerability":"VCID-2td7-hxf4-7kab"},{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-5xgj-hjsk-r3h5"},{"vulnerability":"VCID-68v2-3w45-6yhd"},{"vulnerability":"VCID-72u3-dvr8-4yh2"},{"vulnerability":"VCID-81ub-45sb-3kg3"},{"vulnerability":"VCID-b368-h8fw-ffar"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-d1mv-t1ws-ebev"},{"vulnerability":"VCID-ey5t-v824-ykhz"},{"vulnerability":"VCID-fapv-3bja-r3hm"},{"vulnerability":"VCID-fmf6-wa6m-qubb"},{"vulnerability":"VCID-h7b6-23hp-8ycj"},{"vulnerability":"VCID-j2z8-tcs6-4be1"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-kj2f-8vd4-quep"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-pap5-p9hx-syf9"},{"vulnerability":"VCID-wm74-zj9s-4fbu"},{"vulnerability":"VCID-xfmq-b6kr-63hx"},{"vulnerability":"VCID-xfpj-zu5q-tqa7"},{"vulnerability":"VCID-xmxy-f5cc-qygp"},{"vulnerability":"VCID-y1s1-zrvk-77d3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php54-php@5.4.16-22%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/121007?format=json","purl":"pkg:rpm/redhat/php54-php@5.4.16-22?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1wcd-dm5g-j7g7"},{"vulnerability":"VCID-241u-c539-sudk"},{"vulnerability":"VCID-2td7-hxf4-7kab"},{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-5xgj-hjsk-r3h5"},{"vulnerability":"VCID-68v2-3w45-6yhd"},{"vulnerability":"VCID-72u3-dvr8-4yh2"},{"vulnerability":"VCID-81ub-45sb-3kg3"},{"vulnerability":"VCID-b368-h8fw-ffar"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-d1mv-t1ws-ebev"},{"vulnerability":"VCID-ey5t-v824-ykhz"},{"vulnerability":"VCID-fapv-3bja-r3hm"},{"vulnerability":"VCID-fmf6-wa6m-qubb"},{"vulnerability":"VCID-h7b6-23hp-8ycj"},{"vulnerability":"VCID-j2z8-tcs6-4be1"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-kj2f-8vd4-quep"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-pap5-p9hx-syf9"},{"vulnerability":"VCID-wm74-zj9s-4fbu"},{"vulnerability":"VCID-xfmq-b6kr-63hx"},{"vulnerability":"VCID-xfpj-zu5q-tqa7"},{"vulnerability":"VCID-xmxy-f5cc-qygp"},{"vulnerability":"VCID-y1s1-zrvk-77d3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php54-php@5.4.16-22%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/121001?format=json","purl":"pkg:rpm/redhat/php55-php@5.5.6-13?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1wcd-dm5g-j7g7"},{"vulnerability":"VCID-241u-c539-sudk"},{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-5xgj-hjsk-r3h5"},{"vulnerability":"VCID-68v2-3w45-6yhd"},{"vulnerability":"VCID-72u3-dvr8-4yh2"},{"vulnerability":"VCID-81ub-45sb-3kg3"},{"vulnerability":"VCID-b368-h8fw-ffar"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-d1mv-t1ws-ebev"},{"vulnerability":"VCID-fapv-3bja-r3hm"},{"vulnerability":"VCID-fmf6-wa6m-qubb"},{"vulnerability":"VCID-h7b6-23hp-8ycj"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-kj2f-8vd4-quep"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-pap5-p9hx-syf9"},{"vulnerability":"VCID-wm74-zj9s-4fbu"},{"vulnerability":"VCID-xfpj-zu5q-tqa7"},{"vulnerability":"VCID-xmxy-f5cc-qygp"},{"vulnerability":"VCID-y1s1-zrvk-77d3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php55-php@5.5.6-13%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/121005?format=json","purl":"pkg:rpm/redhat/php55-php@5.5.6-13?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1wcd-dm5g-j7g7"},{"vulnerability":"VCID-241u-c539-sudk"},{"vulnerability":"VCID-3suc-y5qt-cydk"},{"vulnerability":"VCID-5xgj-hjsk-r3h5"},{"vulnerability":"VCID-68v2-3w45-6yhd"},{"vulnerability":"VCID-72u3-dvr8-4yh2"},{"vulnerability":"VCID-81ub-45sb-3kg3"},{"vulnerability":"VCID-b368-h8fw-ffar"},{"vulnerability":"VCID-c459-97cu-5ffc"},{"vulnerability":"VCID-d1mv-t1ws-ebev"},{"vulnerability":"VCID-fapv-3bja-r3hm"},{"vulnerability":"VCID-fmf6-wa6m-qubb"},{"vulnerability":"VCID-h7b6-23hp-8ycj"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-kj2f-8vd4-quep"},{"vulnerability":"VCID-mgyd-qmns-8qbh"},{"vulnerability":"VCID-pap5-p9hx-syf9"},{"vulnerability":"VCID-wm74-zj9s-4fbu"},{"vulnerability":"VCID-xfpj-zu5q-tqa7"},{"vulnerability":"VCID-xmxy-f5cc-qygp"},{"vulnerability":"VCID-y1s1-zrvk-77d3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php55-php@5.5.6-13%3Farch=el7"}],"references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1326.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1326.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1327.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1327.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4698.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4698","reference_id":"","reference_type":"","scores":[{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.64099","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63849","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63909","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63893","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63943","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63961","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63973","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63927","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63971","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63979","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63991","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.6399","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.63962","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.64006","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.64052","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.64019","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00457","scoring_system":"epss","scoring_elements":"0.64046","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4698"},{"reference_url":"https://bugs.php.net/bug.php?id=67539","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=67539"},{"reference_url":"http://secunia.com/advisories/54553","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/54553"},{"reference_url":"http://secunia.com/advisories/59831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59831"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21683486","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21683486"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120259","reference_id":"1120259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120259"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4698","reference_id":"CVE-2014-4698","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1326","reference_id":"RHSA-2014:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1327","reference_id":"RHSA-2014:1327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://usn.ubuntu.com/2276-1/","reference_id":"USN-2276-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2276-1/"}],"weaknesses":[{"cwe_id":416,"name":"Use After Free","description":"Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code."}],"exploits":[],"severity_range_score":"4.6 - 4.6","exploitability":"0.5","weighted_severity":"4.1","risk_score":2.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wm74-zj9s-4fbu"}