[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-8935":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":45,"duplicate_of":9,"upstream":46,"downstream":47,"duplicates":62,"related":63,"reserved_at":9,"published_at":67,"modified_at":68,"state":69,"summary":70,"references_raw":79,"kevs":117,"epss":118,"epss_history":121,"metrics":377,"affected":388},"CVE-2015-8935","The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[],[],[],[48,50,52,54,56,58,60],{"_key":49},"SUSE-SU-2016:2013-1",{"_key":51},"SUSE-SU-2016:2080-1",{"_key":53},"RHSA-2015:1066",{"_key":55},"SUSE-SU-2016:1842-1",{"_key":57},"UBUNTU-CVE-2015-8935",{"_key":59},"USN-3045-1",{"_key":61},"RHSA-2016:2750",[],[64,65,66],{"_key":49},{"_key":51},{"_key":55},"2016-08-07T10:00:00.000Z","2024-08-06T08:36:30.673Z","Modified",{"cisa_kev":71,"cisa_ransomware":71,"cisa_vendor":9,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":69},false,"low",0.01115,"medium",6.1,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[80,88,94,98,103,109,113],{"url":81,"sources":82,"tags":84},"https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b?w=1",[83,77],"cve.org",[85,86,87],"X Refsource CONFIRM","Issue Tracking","Patch",{"url":89,"sources":90,"tags":91},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html",[83,77],[92,93],"Vendor Advisory","X Refsource SUSE",{"url":95,"sources":96,"tags":97},"http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html",[83,77],[92,93],{"url":99,"sources":100,"tags":101},"http://rhn.redhat.com/errata/RHSA-2016-2750.html",[83,77],[92,102],"X Refsource REDHAT",{"url":104,"sources":105,"tags":106},"http://www.openwall.com/lists/oss-security/2016/06/20/3",[83,77],[107,108,87],"Mailing List","X Refsource MLIST",{"url":110,"sources":111,"tags":112},"https://bugs.php.net/bug.php?id=68978",[83,77],[85,86,92],{"url":114,"sources":115,"tags":116},"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html",[83,77],[92,93],[],{"date":119,"score":73,"percentile":120},"2026-06-04",0.78532,[122,126,129,132,136,139,142,145,148,150,153,156,159,163,166,169,172,175,178,180,183,185,188,191,194,196,198,201,205,208,211,214,217,219,221,223,226,229,232,235,238,241,244,247,250,253,256,259,262,264,266,269,272,275,279,282,284,287,290,293,296,299,302,305,308,311,314,317,319,322,325,327,330,332,335,337,340,343,345,348,350,353,355,358,361,363,366,368,371,373],{"date":123,"score":124,"percentile":125},"2025-11-04",0.0139,0.79717,{"date":127,"score":124,"percentile":128},"2025-11-05",0.79719,{"date":130,"score":124,"percentile":131},"2025-11-06",0.79723,{"date":133,"score":134,"percentile":135},"2025-11-07",0.01212,0.78357,{"date":137,"score":134,"percentile":138},"2025-11-08",0.78363,{"date":140,"score":134,"percentile":141},"2025-11-09",0.78359,{"date":143,"score":134,"percentile":144},"2025-11-10",0.78345,{"date":146,"score":134,"percentile":147},"2025-11-11",0.78347,{"date":149,"score":134,"percentile":138},"2025-11-12",{"date":151,"score":134,"percentile":152},"2025-11-13",0.78372,{"date":154,"score":134,"percentile":155},"2025-11-14",0.78379,{"date":157,"score":134,"percentile":158},"2025-11-15",0.78377,{"date":160,"score":161,"percentile":162},"2025-11-16",0.01121,0.77588,{"date":164,"score":161,"percentile":165},"2025-11-17",0.77583,{"date":167,"score":161,"percentile":168},"2025-11-18",0.76394,{"date":170,"score":161,"percentile":171},"2025-11-19",0.76401,{"date":173,"score":161,"percentile":174},"2025-11-20",0.76411,{"date":176,"score":161,"percentile":177},"2025-11-21",0.77609,{"date":179,"score":161,"percentile":177},"2025-11-22",{"date":181,"score":161,"percentile":182},"2025-11-23",0.77594,{"date":184,"score":161,"percentile":182},"2025-11-24",{"date":186,"score":161,"percentile":187},"2025-11-25",0.77601,{"date":189,"score":161,"percentile":190},"2025-11-26",0.77607,{"date":192,"score":161,"percentile":193},"2025-11-27",0.7761,{"date":195,"score":161,"percentile":187},"2025-11-28",{"date":197,"score":161,"percentile":193},"2025-11-29",{"date":199,"score":161,"percentile":200},"2025-11-30",0.77606,{"date":202,"score":203,"percentile":204},"2025-12-01",0.00941,0.75649,{"date":206,"score":203,"percentile":207},"2025-12-02",0.75656,{"date":209,"score":203,"percentile":210},"2025-12-03",0.75644,{"date":212,"score":161,"percentile":213},"2025-12-04",0.77598,{"date":215,"score":161,"percentile":216},"2025-12-05",0.77602,{"date":218,"score":161,"percentile":200},"2025-12-06",{"date":220,"score":161,"percentile":216},"2025-12-07",{"date":222,"score":161,"percentile":190},"2025-12-08",{"date":224,"score":161,"percentile":225},"2025-12-09",0.77629,{"date":227,"score":161,"percentile":228},"2025-12-10",0.77654,{"date":230,"score":161,"percentile":231},"2025-12-11",0.77668,{"date":233,"score":161,"percentile":234},"2025-12-12",0.77688,{"date":236,"score":161,"percentile":237},"2025-12-13",0.7769,{"date":239,"score":161,"percentile":240},"2025-12-14",0.77689,{"date":242,"score":161,"percentile":243},"2025-12-15",0.77685,{"date":245,"score":161,"percentile":246},"2025-12-16",0.77696,{"date":248,"score":161,"percentile":249},"2025-12-17",0.77705,{"date":251,"score":161,"percentile":252},"2025-12-18",0.77722,{"date":254,"score":161,"percentile":255},"2025-12-19",0.77735,{"date":257,"score":161,"percentile":258},"2025-12-20",0.7773,{"date":260,"score":161,"percentile":261},"2025-12-21",0.77724,{"date":263,"score":161,"percentile":261},"2025-12-22",{"date":265,"score":161,"percentile":261},"2025-12-23",{"date":267,"score":161,"percentile":268},"2025-12-24",0.77736,{"date":270,"score":161,"percentile":271},"2025-12-25",0.77754,{"date":273,"score":161,"percentile":274},"2025-12-26",0.77751,{"date":276,"score":277,"percentile":278},"2025-12-27",0.01199,0.78486,{"date":280,"score":161,"percentile":281},"2025-12-28",0.77739,{"date":283,"score":161,"percentile":268},"2025-12-29",{"date":285,"score":161,"percentile":286},"2025-12-30",0.77741,{"date":288,"score":161,"percentile":289},"2025-12-31",0.77756,{"date":291,"score":203,"percentile":292},"2026-01-01",0.75858,{"date":294,"score":203,"percentile":295},"2026-01-02",0.75863,{"date":297,"score":203,"percentile":298},"2026-01-03",0.75862,{"date":300,"score":161,"percentile":301},"2026-01-04",0.77758,{"date":303,"score":161,"percentile":304},"2026-01-05",0.7775,{"date":306,"score":161,"percentile":307},"2026-01-06",0.7776,{"date":309,"score":161,"percentile":310},"2026-01-07",0.77768,{"date":312,"score":161,"percentile":313},"2026-01-08",0.77774,{"date":315,"score":161,"percentile":316},"2026-01-09",0.77779,{"date":318,"score":161,"percentile":316},"2026-01-10",{"date":320,"score":161,"percentile":321},"2026-01-11",0.77772,{"date":323,"score":161,"percentile":324},"2026-01-12",0.77757,{"date":326,"score":161,"percentile":324},"2026-01-13",{"date":328,"score":73,"percentile":329},"2026-01-14",0.77721,{"date":331,"score":73,"percentile":261},"2026-01-15",{"date":333,"score":73,"percentile":334},"2026-01-16",0.77734,{"date":336,"score":73,"percentile":268},"2026-01-17",{"date":338,"score":73,"percentile":339},"2026-01-18",0.77732,{"date":341,"score":73,"percentile":342},"2026-01-19",0.77728,{"date":344,"score":73,"percentile":252},"2026-01-20",{"date":346,"score":73,"percentile":347},"2026-01-21",0.77727,{"date":349,"score":73,"percentile":334},"2026-01-22",{"date":351,"score":73,"percentile":352},"2026-01-23",0.77762,{"date":354,"score":73,"percentile":321},"2026-01-24",{"date":356,"score":73,"percentile":357},"2026-01-25",0.77764,{"date":359,"score":73,"percentile":360},"2026-01-26",0.77759,{"date":362,"score":73,"percentile":301},"2026-01-27",{"date":364,"score":73,"percentile":365},"2026-01-28",0.77763,{"date":367,"score":73,"percentile":360},"2026-01-29",{"date":369,"score":73,"percentile":370},"2026-01-30",0.77765,{"date":372,"score":73,"percentile":357},"2026-01-31",{"date":374,"score":375,"percentile":376},"2026-02-01",0.00929,0.75772,[378],{"source":77,"cvss_v2_0":379,"cvss_v3_0":384,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":380,"baseSeverity":9,"vectorString":381,"impactScore":382,"exploitabilityScore":383},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":75,"baseSeverity":385,"vectorString":78,"impactScore":386,"exploitabilityScore":387},"MEDIUM",4.5,7.2,[389],{"ecosystem":9,"name":390,"vendor":9,"product":390,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"PHP",[392,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,470,472,474,476,478,480,482,484,486],{"version":393,"is_range":394,"range_type":395,"version_start":9,"version_start_type":9,"version_end":396,"version_end_type":397,"fixed_in":9},"lte5.4.37",true,"cpe","5.4.37","including",{"version":399,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0",{"version":401,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:alpha1",{"version":403,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:alpha2",{"version":405,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:alpha3",{"version":407,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:alpha4",{"version":409,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:alpha5",{"version":411,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:alpha6",{"version":413,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:beta1",{"version":415,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:beta2",{"version":417,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:beta3",{"version":419,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:beta4",{"version":421,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:rc1",{"version":423,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0:rc2",{"version":425,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.1",{"version":427,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.2",{"version":429,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.3",{"version":431,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.4",{"version":433,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.5",{"version":435,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.6",{"version":437,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.7",{"version":439,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.8",{"version":441,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.9",{"version":443,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.10",{"version":445,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.11",{"version":447,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.12",{"version":449,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.13",{"version":451,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.14",{"version":453,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.18",{"version":455,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.19",{"version":457,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.20",{"version":459,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.21",{"version":461,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:alpha1",{"version":463,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:alpha2",{"version":465,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:alpha3",{"version":467,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:alpha4",{"version":469,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:alpha5",{"version":471,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:beta1",{"version":473,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:beta2",{"version":475,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:beta3",{"version":477,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.0:beta4",{"version":479,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.1",{"version":481,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.2",{"version":483,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.3",{"version":485,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.4",{"version":487,"is_range":71,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.6.5"]