[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2008-5557":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":83,"duplicate_of":9,"upstream":84,"downstream":85,"duplicates":96,"related":97,"reserved_at":9,"published_at":98,"modified_at":99,"state":100,"summary":101,"references_raw":108,"kevs":248,"epss":249,"epss_history":252,"metrics":491,"affected":494},"CVE-2008-5557","Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[69,78],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":76,"type":9,"platforms":77,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_0447D06A414A96E2","Exploit Reference (cvs.php.net)","reference","http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&r2=1.8","unknown",0.2,false,[],{"_key":79,"name":80,"source":72,"url":81,"maturity":74,"reliability_score":75,"verified":76,"type":9,"platforms":82,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_4CBF06225E3C908C","Exploit Reference (bugs.php.net)","http://bugs.php.net/bug.php?id=45722",[],[],[],[86,88,90,92,94],{"_key":87},"RHSA-2009:0337",{"_key":89},"RHSA-2009:0338",{"_key":91},"RHSA-2009:0350",{"_key":93},"DSA-1789-1",{"_key":95},"DTSA-188-1",[],[],"2008-12-23T18:13:00.000Z","2024-08-07T10:56:47.251Z","Modified",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":102,"epss_score":103,"severity":102,"severity_score":104,"severity_version":105,"severity_source":106,"severity_vector":107,"severity_status":100},"high",0.29698,10,"v2.0","nvd","AV:N/AC:L/Au:N/C:C/I:C/A:C",[109,116,121,125,129,134,140,145,149,155,161,165,169,174,179,183,188,192,196,200,206,211,216,221,224,230,234,238,243],{"url":110,"sources":111,"tags":113},"http://marc.info/?l=bugtraq&m=125631037611762&w=2",[112,106],"cve.org",[114,115],"Vendor Advisory","X Refsource HP",{"url":117,"sources":118,"tags":119},"http://support.apple.com/kb/HT3549",[112,106],[120],"X Refsource CONFIRM",{"url":122,"sources":123,"tags":124},"http://marc.info/?l=bugtraq&m=124654546101607&w=2",[112,106],[114,115],{"url":73,"sources":126,"tags":127},[112,106],[120,128],"Exploit",{"url":130,"sources":131,"tags":132},"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html",[112,106],[114,133],"X Refsource FEDORA",{"url":135,"sources":136,"tags":137},"http://www.securityfocus.com/archive/1/501376/100/0/threaded",[112,106],[138,139],"Mailing List","X Refsource BUGTRAQ",{"url":141,"sources":142,"tags":143},"http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html",[112,106],[138,144],"X Refsource FULLDISC",{"url":146,"sources":147,"tags":148},"http://wiki.rpath.com/Advisories:rPSA-2009-0035",[112,106],[120],{"url":150,"sources":151,"tags":152},"http://secunia.com/advisories/34642",[112,106],[153,154],"Third Party Advisory","X Refsource SECUNIA",{"url":156,"sources":157,"tags":158},"http://securitytracker.com/id?1021482",[112,106],[159,160],"VDB Entry","X Refsource SECTRACK",{"url":162,"sources":163,"tags":164},"http://secunia.com/advisories/35074",[112,106],[153,154],{"url":166,"sources":167,"tags":168},"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444",[112,106],[114,115],{"url":170,"sources":171,"tags":172},"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",[112,106],[114,173],"X Refsource APPLE",{"url":175,"sources":176,"tags":177},"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html",[112,106],[114,178],"X Refsource SUSE",{"url":180,"sources":181,"tags":182},"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html",[112,106],[114,178],{"url":184,"sources":185,"tags":186},"http://www.redhat.com/support/errata/RHSA-2009-0350.html",[112,106],[114,187],"X Refsource REDHAT",{"url":189,"sources":190,"tags":191},"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html",[112,106],[114,133],{"url":193,"sources":194,"tags":195},"http://secunia.com/advisories/35003",[112,106],[153,154],{"url":197,"sources":198,"tags":199},"http://www.php.net/ChangeLog-5.php#5.2.7",[112,106],[120],{"url":201,"sources":202,"tags":203},"http://www.us-cert.gov/cas/techalerts/TA09-133A.html",[112,106],[153,204,205],"X Refsource CERT","US Government Resource",{"url":207,"sources":208,"tags":209},"https://exchange.xforce.ibmcloud.com/vulnerabilities/47525",[112,106],[159,210],"X Refsource XF",{"url":212,"sources":213,"tags":214},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:045",[112,106],[114,215],"X Refsource MANDRIVA",{"url":217,"sources":218,"tags":219},"http://www.vupen.com/english/advisories/2009/1297",[112,106],[159,220],"X Refsource VUPEN",{"url":81,"sources":222,"tags":223},[112,106],[120,128],{"url":225,"sources":226,"tags":227},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10286",[112,106],[159,228,229],"Signature","X Refsource OVAL",{"url":231,"sources":232,"tags":233},"http://secunia.com/advisories/35306",[112,106],[153,154],{"url":235,"sources":236,"tags":237},"http://secunia.com/advisories/35650",[112,106],[153,154],{"url":239,"sources":240,"tags":241},"http://www.securityfocus.com/bid/32948",[112,106],[159,242],"X Refsource BID",{"url":244,"sources":245,"tags":246},"http://www.debian.org/security/2009/dsa-1789",[112,106],[114,247],"X Refsource DEBIAN",[],{"date":250,"score":103,"percentile":251},"2026-06-04",0.96719,[253,256,259,262,265,268,270,273,275,278,281,284,287,289,292,295,298,301,304,306,309,312,314,317,320,322,325,328,331,333,336,339,342,344,346,348,351,354,357,360,362,364,367,370,373,375,377,379,381,384,386,388,391,393,397,400,402,404,407,410,413,415,417,419,422,424,426,429,432,434,437,439,442,445,448,451,454,457,460,463,465,468,470,472,474,477,480,483,485,488],{"date":254,"score":103,"percentile":255},"2025-11-04",0.96404,{"date":257,"score":103,"percentile":258},"2025-11-05",0.96403,{"date":260,"score":103,"percentile":261},"2025-11-06",0.96406,{"date":263,"score":103,"percentile":264},"2025-11-07",0.96408,{"date":266,"score":103,"percentile":267},"2025-11-08",0.96409,{"date":269,"score":103,"percentile":264},"2025-11-09",{"date":271,"score":103,"percentile":272},"2025-11-10",0.96407,{"date":274,"score":103,"percentile":264},"2025-11-11",{"date":276,"score":103,"percentile":277},"2025-11-12",0.9641,{"date":279,"score":103,"percentile":280},"2025-11-13",0.96411,{"date":282,"score":103,"percentile":283},"2025-11-14",0.96414,{"date":285,"score":103,"percentile":286},"2025-11-15",0.96413,{"date":288,"score":103,"percentile":286},"2025-11-16",{"date":290,"score":103,"percentile":291},"2025-11-17",0.96415,{"date":293,"score":103,"percentile":294},"2025-11-18",0.96355,{"date":296,"score":103,"percentile":297},"2025-11-19",0.96356,{"date":299,"score":103,"percentile":300},"2025-11-20",0.96358,{"date":302,"score":103,"percentile":303},"2025-11-21",0.96425,{"date":305,"score":103,"percentile":303},"2025-11-22",{"date":307,"score":103,"percentile":308},"2025-11-23",0.96424,{"date":310,"score":103,"percentile":311},"2025-11-24",0.96428,{"date":313,"score":103,"percentile":311},"2025-11-25",{"date":315,"score":103,"percentile":316},"2025-11-26",0.9643,{"date":318,"score":103,"percentile":319},"2025-11-27",0.96432,{"date":321,"score":103,"percentile":316},"2025-11-28",{"date":323,"score":103,"percentile":324},"2025-11-29",0.96433,{"date":326,"score":103,"percentile":327},"2025-11-30",0.96434,{"date":329,"score":103,"percentile":330},"2025-12-01",0.96463,{"date":332,"score":103,"percentile":330},"2025-12-02",{"date":334,"score":103,"percentile":335},"2025-12-03",0.96465,{"date":337,"score":103,"percentile":338},"2025-12-04",0.96437,{"date":340,"score":103,"percentile":341},"2025-12-05",0.96439,{"date":343,"score":103,"percentile":341},"2025-12-06",{"date":345,"score":103,"percentile":338},"2025-12-07",{"date":347,"score":103,"percentile":338},"2025-12-08",{"date":349,"score":103,"percentile":350},"2025-12-09",0.9644,{"date":352,"score":103,"percentile":353},"2025-12-10",0.96444,{"date":355,"score":103,"percentile":356},"2025-12-11",0.96447,{"date":358,"score":103,"percentile":359},"2025-12-12",0.96448,{"date":361,"score":103,"percentile":356},"2025-12-13",{"date":363,"score":103,"percentile":356},"2025-12-14",{"date":365,"score":103,"percentile":366},"2025-12-15",0.96449,{"date":368,"score":103,"percentile":369},"2025-12-16",0.96453,{"date":371,"score":103,"percentile":372},"2025-12-17",0.96455,{"date":374,"score":103,"percentile":372},"2025-12-18",{"date":376,"score":103,"percentile":372},"2025-12-19",{"date":378,"score":103,"percentile":372},"2025-12-20",{"date":380,"score":103,"percentile":372},"2025-12-21",{"date":382,"score":103,"percentile":383},"2025-12-22",0.96456,{"date":385,"score":103,"percentile":372},"2025-12-23",{"date":387,"score":103,"percentile":383},"2025-12-24",{"date":389,"score":103,"percentile":390},"2025-12-25",0.96461,{"date":392,"score":103,"percentile":390},"2025-12-26",{"date":394,"score":395,"percentile":396},"2025-12-27",0.23183,0.95774,{"date":398,"score":103,"percentile":399},"2025-12-28",0.9646,{"date":401,"score":103,"percentile":399},"2025-12-29",{"date":403,"score":103,"percentile":330},"2025-12-30",{"date":405,"score":103,"percentile":406},"2025-12-31",0.96467,{"date":408,"score":103,"percentile":409},"2026-01-01",0.96497,{"date":411,"score":103,"percentile":412},"2026-01-02",0.96493,{"date":414,"score":103,"percentile":412},"2026-01-03",{"date":416,"score":103,"percentile":330},"2026-01-04",{"date":418,"score":103,"percentile":330},"2026-01-05",{"date":420,"score":103,"percentile":421},"2026-01-06",0.96464,{"date":423,"score":103,"percentile":335},"2026-01-07",{"date":425,"score":103,"percentile":406},"2026-01-08",{"date":427,"score":103,"percentile":428},"2026-01-09",0.96469,{"date":430,"score":103,"percentile":431},"2026-01-10",0.96471,{"date":433,"score":103,"percentile":431},"2026-01-11",{"date":435,"score":103,"percentile":436},"2026-01-12",0.96472,{"date":438,"score":103,"percentile":436},"2026-01-13",{"date":440,"score":103,"percentile":441},"2026-01-14",0.96477,{"date":443,"score":103,"percentile":444},"2026-01-15",0.96479,{"date":446,"score":103,"percentile":447},"2026-01-16",0.96481,{"date":449,"score":103,"percentile":450},"2026-01-17",0.96482,{"date":452,"score":103,"percentile":453},"2026-01-18",0.96485,{"date":455,"score":103,"percentile":456},"2026-01-19",0.96483,{"date":458,"score":103,"percentile":459},"2026-01-20",0.96484,{"date":461,"score":103,"percentile":462},"2026-01-21",0.96486,{"date":464,"score":103,"percentile":462},"2026-01-22",{"date":466,"score":103,"percentile":467},"2026-01-23",0.96491,{"date":469,"score":103,"percentile":412},"2026-01-24",{"date":471,"score":103,"percentile":412},"2026-01-25",{"date":473,"score":103,"percentile":412},"2026-01-26",{"date":475,"score":103,"percentile":476},"2026-01-27",0.96492,{"date":478,"score":103,"percentile":479},"2026-01-28",0.96494,{"date":481,"score":103,"percentile":482},"2026-01-29",0.96495,{"date":484,"score":103,"percentile":479},"2026-01-30",{"date":486,"score":103,"percentile":487},"2026-01-31",0.96496,{"date":489,"score":103,"percentile":490},"2026-02-01",0.96525,[492],{"source":106,"cvss_v2_0":493,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":104,"baseSeverity":9,"vectorString":107,"impactScore":104,"exploitabilityScore":104},[495],{"ecosystem":9,"name":496,"vendor":9,"product":496,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":497},"PHP",[498,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,567,569,571,573,575,577,579,581,583,585,587,589,591,593,595],{"version":499,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.0","cpe",{"version":502,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.1",{"version":504,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.2",{"version":506,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.3",{"version":508,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.4",{"version":510,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.5",{"version":512,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.6",{"version":514,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.7",{"version":516,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.8",{"version":518,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.9",{"version":520,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.10",{"version":522,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.3.11",{"version":524,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.0",{"version":526,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.1",{"version":528,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.2",{"version":530,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.3",{"version":532,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.4",{"version":534,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.5",{"version":536,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.6",{"version":538,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.7",{"version":540,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.8",{"version":542,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.9",{"version":544,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0",{"version":546,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:beta1",{"version":548,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:beta2",{"version":550,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:beta3",{"version":552,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:beta4",{"version":554,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:rc1",{"version":556,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:rc2",{"version":558,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:rc3",{"version":560,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.1",{"version":562,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.2",{"version":564,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.3",{"version":566,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.4",{"version":568,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.5",{"version":570,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.0",{"version":572,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.1",{"version":574,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.2",{"version":576,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.3",{"version":578,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.4",{"version":580,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.5",{"version":582,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.6",{"version":584,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.0",{"version":586,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.1",{"version":588,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.2",{"version":590,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.3",{"version":592,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.4",{"version":594,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.5",{"version":596,"is_range":76,"range_type":500,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.6"]