[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-31628":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":34,"aliases":35,"duplicate_of":9,"upstream":36,"downstream":37,"duplicates":78,"related":79,"reserved_at":9,"published_at":90,"modified_at":91,"state":92,"summary":93,"references_raw":102,"kevs":140,"epss":141,"epss_history":144,"metrics":414,"affected":426},"CVE-2022-31628","In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress \"quines\" gzip files, resulting in an infinite loop.",null,[11,27],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-674","Uncontrolled Recursion","The product does not properly control the amount of recursion that takes place,  consuming excessive resources, such as allocated memory or the program stack.","weakness","Draft","Class",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":24,"name":25,"techniques":26},"CAPEC-231","Oversized Serialized Data Payloads",[],{"_key":28,"id":28,"name":29,"description":30,"type":15,"status":31,"abstraction":32,"likelihood_of_exploit":9,"capec":33},"CWE-835","Loop with Unreachable Exit Condition ('Infinite Loop')","The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.","Incomplete","Base",[],[],[],[],[38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76],{"_key":39},"RHSA-2023:0848",{"_key":41},"RHSA-2023:0965",{"_key":43},"RHSA-2023:2417",{"_key":45},"RHSA-2023:2903",{"_key":47},"SUSE-SU-2022:3957-1",{"_key":49},"SUSE-SU-2022:4068-1",{"_key":51},"SUSE-SU-2022:3661-1",{"_key":53},"SUSE-SU-2022:3830-1",{"_key":55},"SUSE-SU-2022:3997-1",{"_key":57},"SUSE-SU-2022:4067-1",{"_key":59},"SUSE-SU-2022:4069-1",{"_key":61},"OPENSUSE-SU-2024:12377-1",{"_key":63},"OPENSUSE-SU-2024:12384-1",{"_key":65},"DLA-3243-1",{"_key":67},"DSA-5277-1",{"_key":69},"MGASA-2022-0362",{"_key":71},"UBUNTU-CVE-2022-31628",{"_key":73},"USN-5717-1",{"_key":75},"DEBIAN-CVE-2022-31628",{"_key":77},"USN-5905-1",[],[80,81,82,83,84,85,86,87,88,89],{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":69},"2022-09-28T22:25:09.309Z","2025-05-20T20:24:57.733Z","Modified",{"cisa_kev":94,"cisa_ransomware":94,"cisa_vendor":9,"epss_severity":95,"epss_score":96,"severity":97,"severity_score":98,"severity_version":99,"severity_source":100,"severity_vector":101,"severity_status":92},false,"low",0.00014,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[103,110,115,119,123,127,131,135],{"url":104,"sources":105,"tags":107},"https://bugs.php.net/bug.php?id=81726",[106,100],"cve.org",[108,109],"Permissions Required","Third Party Advisory",{"url":111,"sources":112,"tags":113},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",[106,100],[114],"Vendor Advisory",{"url":116,"sources":117,"tags":118},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",[106,100],[114],{"url":120,"sources":121,"tags":122},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",[106,100],[114],{"url":124,"sources":125,"tags":126},"https://www.debian.org/security/2022/dsa-5277",[106,100],[114,109],{"url":128,"sources":129,"tags":130},"https://security.gentoo.org/glsa/202211-03",[106,100],[114,109],{"url":132,"sources":133,"tags":134},"https://security.netapp.com/advisory/ntap-20221209-0001/",[106,100],[109],{"url":136,"sources":137,"tags":138},"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",[106,100],[139,109],"Mailing List",[],{"date":142,"score":96,"percentile":143},"2026-06-04",0.02615,[145,149,152,155,158,161,164,167,170,173,176,179,182,185,188,192,195,198,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,299,302,305,309,312,315,318,321,324,327,330,334,337,340,343,346,349,352,355,357,360,363,366,369,372,375,377,380,383,386,389,391,393,396,399,402,406,409,411],{"date":146,"score":147,"percentile":148},"2025-11-04",0.00031,0.07903,{"date":150,"score":147,"percentile":151},"2025-11-05",0.07933,{"date":153,"score":147,"percentile":154},"2025-11-06",0.08043,{"date":156,"score":147,"percentile":157},"2025-11-07",0.0807,{"date":159,"score":147,"percentile":160},"2025-11-08",0.08078,{"date":162,"score":147,"percentile":163},"2025-11-09",0.08042,{"date":165,"score":147,"percentile":166},"2025-11-10",0.08011,{"date":168,"score":147,"percentile":169},"2025-11-11",0.08003,{"date":171,"score":147,"percentile":172},"2025-11-12",0.08021,{"date":174,"score":147,"percentile":175},"2025-11-13",0.08062,{"date":177,"score":147,"percentile":178},"2025-11-14",0.08127,{"date":180,"score":147,"percentile":181},"2025-11-15",0.08166,{"date":183,"score":147,"percentile":184},"2025-11-16",0.08182,{"date":186,"score":147,"percentile":187},"2025-11-17",0.08172,{"date":189,"score":190,"percentile":191},"2025-11-18",0.00102,0.23992,{"date":193,"score":190,"percentile":194},"2025-11-19",0.24019,{"date":196,"score":190,"percentile":197},"2025-11-20",0.2403,{"date":199,"score":147,"percentile":200},"2025-11-21",0.08316,{"date":202,"score":147,"percentile":203},"2025-11-22",0.08257,{"date":205,"score":147,"percentile":206},"2025-11-23",0.0825,{"date":208,"score":147,"percentile":209},"2025-11-24",0.08241,{"date":211,"score":147,"percentile":212},"2025-11-25",0.08236,{"date":214,"score":147,"percentile":215},"2025-11-26",0.08244,{"date":217,"score":147,"percentile":218},"2025-11-27",0.08246,{"date":220,"score":147,"percentile":221},"2025-11-28",0.08229,{"date":223,"score":147,"percentile":224},"2025-11-29",0.08264,{"date":226,"score":147,"percentile":227},"2025-11-30",0.08263,{"date":229,"score":147,"percentile":230},"2025-12-01",0.08295,{"date":232,"score":147,"percentile":233},"2025-12-02",0.08315,{"date":235,"score":147,"percentile":236},"2025-12-03",0.08338,{"date":238,"score":147,"percentile":239},"2025-12-04",0.08326,{"date":241,"score":147,"percentile":242},"2025-12-05",0.08342,{"date":244,"score":147,"percentile":245},"2025-12-06",0.08361,{"date":247,"score":147,"percentile":248},"2025-12-07",0.08367,{"date":250,"score":147,"percentile":251},"2025-12-08",0.08362,{"date":253,"score":147,"percentile":254},"2025-12-09",0.08401,{"date":256,"score":147,"percentile":257},"2025-12-10",0.08469,{"date":259,"score":147,"percentile":260},"2025-12-11",0.08508,{"date":262,"score":147,"percentile":263},"2025-12-12",0.08517,{"date":265,"score":147,"percentile":266},"2025-12-13",0.08526,{"date":268,"score":147,"percentile":269},"2025-12-14",0.08523,{"date":271,"score":147,"percentile":272},"2025-12-15",0.08451,{"date":274,"score":147,"percentile":275},"2025-12-16",0.08475,{"date":277,"score":147,"percentile":278},"2025-12-17",0.08554,{"date":280,"score":147,"percentile":281},"2025-12-18",0.08607,{"date":283,"score":147,"percentile":284},"2025-12-19",0.08612,{"date":286,"score":147,"percentile":287},"2025-12-20",0.08601,{"date":289,"score":147,"percentile":290},"2025-12-21",0.08539,{"date":292,"score":147,"percentile":293},"2025-12-22",0.08492,{"date":295,"score":147,"percentile":296},"2025-12-23",0.08503,{"date":298,"score":147,"percentile":263},"2025-12-24",{"date":300,"score":147,"percentile":301},"2025-12-25",0.08594,{"date":303,"score":147,"percentile":304},"2025-12-26",0.08595,{"date":306,"score":307,"percentile":308},"2025-12-27",0.00036,0.10251,{"date":310,"score":147,"percentile":311},"2025-12-28",0.08599,{"date":313,"score":147,"percentile":314},"2025-12-29",0.0858,{"date":316,"score":147,"percentile":317},"2025-12-30",0.08545,{"date":319,"score":147,"percentile":320},"2025-12-31",0.08597,{"date":322,"score":147,"percentile":323},"2026-01-01",0.08656,{"date":325,"score":147,"percentile":326},"2026-01-02",0.08653,{"date":328,"score":147,"percentile":329},"2026-01-03",0.08646,{"date":331,"score":332,"percentile":333},"2026-01-04",0.00032,0.08903,{"date":335,"score":332,"percentile":336},"2026-01-05",0.08871,{"date":338,"score":332,"percentile":339},"2026-01-06",0.08855,{"date":341,"score":332,"percentile":342},"2026-01-07",0.08886,{"date":344,"score":332,"percentile":345},"2026-01-08",0.08959,{"date":347,"score":332,"percentile":348},"2026-01-09",0.08968,{"date":350,"score":332,"percentile":351},"2026-01-10",0.0897,{"date":353,"score":332,"percentile":354},"2026-01-11",0.08919,{"date":356,"score":332,"percentile":333},"2026-01-12",{"date":358,"score":332,"percentile":359},"2026-01-13",0.08869,{"date":361,"score":332,"percentile":362},"2026-01-14",0.08913,{"date":364,"score":332,"percentile":365},"2026-01-15",0.08912,{"date":367,"score":332,"percentile":368},"2026-01-16",0.08947,{"date":370,"score":147,"percentile":371},"2026-01-17",0.0861,{"date":373,"score":147,"percentile":374},"2026-01-18",0.08569,{"date":376,"score":147,"percentile":266},"2026-01-19",{"date":378,"score":147,"percentile":379},"2026-01-20",0.08483,{"date":381,"score":147,"percentile":382},"2026-01-21",0.08466,{"date":384,"score":147,"percentile":385},"2026-01-22",0.08437,{"date":387,"score":147,"percentile":388},"2026-01-23",0.08532,{"date":390,"score":147,"percentile":320},"2026-01-24",{"date":392,"score":147,"percentile":374},"2026-01-25",{"date":394,"score":147,"percentile":395},"2026-01-26",0.08529,{"date":397,"score":147,"percentile":398},"2026-01-27",0.08525,{"date":400,"score":147,"percentile":401},"2026-01-28",0.085,{"date":403,"score":404,"percentile":405},"2026-01-29",0.00033,0.09225,{"date":407,"score":404,"percentile":408},"2026-01-30",0.09234,{"date":410,"score":404,"percentile":408},"2026-01-31",{"date":412,"score":404,"percentile":413},"2026-02-01",0.09258,[415,421],{"source":106,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":416,"cvss_v4_0":9},{"baseScore":417,"baseSeverity":418,"vectorString":419,"impactScore":417,"exploitabilityScore":420},2.3,"LOW","CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",2.1,{"source":100,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":422,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":423,"vectorString":101,"impactScore":424,"exploitabilityScore":425},"MEDIUM",6,4.6,[427,438,448,466],{"ecosystem":9,"name":428,"vendor":429,"product":430,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":432},"debian linux","debian","debian_linux","o",[433,436],{"version":434,"is_range":94,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":437,"is_range":94,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":439,"vendor":440,"product":439,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":441},"fedora","fedoraproject",[442,444,446],{"version":443,"is_range":94,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"version":445,"is_range":94,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"36",{"version":447,"is_range":94,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"ecosystem":9,"name":449,"vendor":9,"product":449,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"PHP",[451,458,462],{"version":452,"is_range":453,"range_type":106,"version_start":454,"version_start_type":455,"version_end":456,"version_end_type":457,"fixed_in":9},">= 7.4.X, \u003C 7.4.31",true,"7.4.X","including","7.4.31","excluding",{"version":459,"is_range":453,"range_type":106,"version_start":460,"version_start_type":455,"version_end":461,"version_end_type":457,"fixed_in":9},">= 8.0.X, \u003C 8.0.24","8.0.X","8.0.24",{"version":463,"is_range":453,"range_type":106,"version_start":464,"version_start_type":455,"version_end":465,"version_end_type":457,"fixed_in":9},">= 8.1.X, \u003C 8.1.11","8.1.X","8.1.11",{"ecosystem":9,"name":449,"vendor":9,"product":449,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},[468,470,473],{"version":469,"is_range":453,"range_type":435,"version_start":9,"version_start_type":9,"version_end":456,"version_end_type":457,"fixed_in":9},"lt7.4.31",{"version":471,"is_range":453,"range_type":435,"version_start":472,"version_start_type":455,"version_end":461,"version_end_type":457,"fixed_in":9},"gte8.0.0_lt8.0.24","8.0.0",{"version":474,"is_range":453,"range_type":435,"version_start":475,"version_start_type":455,"version_end":465,"version_end_type":457,"fixed_in":9},"gte8.1.0_lt8.1.11","8.1.0"]