[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-3247":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":185,"aliases":186,"duplicate_of":9,"upstream":187,"downstream":188,"duplicates":223,"related":224,"reserved_at":9,"published_at":231,"modified_at":232,"state":233,"summary":234,"references_raw":243,"kevs":251,"epss":252,"epss_history":255,"metrics":519,"affected":531},"CVE-2023-3247","In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. \n\n",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-252","Unchecked Return Value","The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.","weakness","Draft","Base","Low",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":24,"abstraction":25,"likelihood_of_exploit":26,"capec":27},"CWE-330","Use of Insufficiently Random Values","The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.","Stable","Class","High",[28,153,181],{"id":29,"name":30,"techniques":31},"CAPEC-112","Brute Force",[32],{"id":33,"name":30,"tactics":34,"countermeasures":38},"T1110",[35],{"id":36,"name":37},"TA0031","Credential Access",[39,44,48,52,56,60,64,68,72,76,80,84,88,92,97,101,106,111,115,119,123,127,131,135,139,144,149],{"id":40,"name":41,"tactic":42},"D3-CCSA","Credential Compromise Scope Analysis",{"name":43},"Detect",{"id":45,"name":46,"tactic":47},"D3-AEM","Application Exception Monitoring",{"name":43},{"id":49,"name":50,"tactic":51},"D3-OPM","Operational Process Monitoring",{"name":43},{"id":53,"name":54,"tactic":55},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":43},{"id":57,"name":58,"tactic":59},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":43},{"id":61,"name":62,"tactic":63},"D3-CSPP","Client-server Payload Profiling",{"name":43},{"id":65,"name":66,"tactic":67},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":43},{"id":69,"name":70,"tactic":71},"D3-NTSA","Network Traffic Signature Analysis",{"name":43},{"id":73,"name":74,"tactic":75},"D3-APCA","Application Protocol Command Analysis",{"name":43},{"id":77,"name":78,"tactic":79},"D3-NTCD","Network Traffic Community Deviation",{"name":43},{"id":81,"name":82,"tactic":83},"D3-RTSD","Remote Terminal Session Detection",{"name":43},{"id":85,"name":86,"tactic":87},"D3-CAA","Connection Attempt Analysis",{"name":43},{"id":89,"name":90,"tactic":91},"D3-ANAA","Administrative Network Activity Analysis",{"name":43},{"id":93,"name":94,"tactic":95},"D3-CR","Credential Revocation",{"name":96},"Evict",{"id":98,"name":99,"tactic":100},"D3-ANCI","Authentication Cache Invalidation",{"name":96},{"id":102,"name":103,"tactic":104},"D3-DUC","Decoy User Credential",{"name":105},"Deceive",{"id":107,"name":108,"tactic":109},"D3-CH","Credential Hardening",{"name":110},"Harden",{"id":112,"name":113,"tactic":114},"D3-MFA","Multi-factor Authentication",{"name":110},{"id":116,"name":117,"tactic":118},"D3-CRO","Credential Rotation",{"name":110},{"id":120,"name":121,"tactic":122},"D3-PR","Password Rotation",{"name":110},{"id":124,"name":125,"tactic":126},"D3-PWA","Password Authentication",{"name":110},{"id":128,"name":129,"tactic":130},"D3-CDP","Change Default Password",{"name":110},{"id":132,"name":133,"tactic":134},"D3-SPP","Strong Password Policy",{"name":110},{"id":136,"name":137,"tactic":138},"D3-OTP","One-time Password",{"name":110},{"id":140,"name":141,"tactic":142},"D3-RIC","Reissue Credential",{"name":143},"Restore",{"id":145,"name":146,"tactic":147},"D3-CTS","Credential Transmission Scoping",{"name":148},"Isolate",{"id":150,"name":151,"tactic":152},"D3-NTF","Network Traffic Filtering",{"name":148},{"id":154,"name":155,"techniques":156},"CAPEC-485","Signature Spoofing by Key Recreation",[157],{"id":158,"name":159,"tactics":160,"countermeasures":162},"T1552.004","Private Keys",[161],{"id":36,"name":37},[163,165,167,169,171,173,175,177,179],{"id":40,"name":41,"tactic":164},{"name":43},{"id":93,"name":94,"tactic":166},{"name":96},{"id":98,"name":99,"tactic":168},{"name":96},{"id":102,"name":103,"tactic":170},{"name":105},{"id":107,"name":108,"tactic":172},{"name":110},{"id":112,"name":113,"tactic":174},{"name":110},{"id":116,"name":117,"tactic":176},{"name":110},{"id":140,"name":141,"tactic":178},{"name":143},{"id":145,"name":146,"tactic":180},{"name":148},{"id":182,"name":183,"techniques":184},"CAPEC-59","Session Credential Falsification through Prediction",[],[],[],[],[189,191,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221],{"_key":190},"SUSE-SU-2023:2980-1",{"_key":192},"SUSE-SU-2023:2848-1",{"_key":194},"SUSE-SU-2023:2610-1",{"_key":196},"SUSE-SU-2023:2828-1",{"_key":198},"OPENSUSE-SU-2024:13267-1",{"_key":200},"DLA-3458-1",{"_key":202},"DSA-5424-1",{"_key":204},"DSA-5425-1",{"_key":206},"RHSA-2023:5926",{"_key":208},"RHSA-2023:5927",{"_key":210},"RHSA-2024:0387",{"_key":212},"RHSA-2024:10952",{"_key":214},"MGASA-2023-0234",{"_key":216},"USN-6199-1",{"_key":218},"UBUNTU-CVE-2023-3247",{"_key":220},"DEBIAN-CVE-2023-3247",{"_key":222},"USN-6199-2",[],[225,226,227,228,229,230],{"_key":190},{"_key":192},{"_key":194},{"_key":196},{"_key":198},{"_key":214},"2023-07-22T04:17:09.896Z","2024-10-15T20:34:03.327Z","Modified",{"cisa_kev":235,"cisa_ransomware":235,"cisa_vendor":9,"epss_severity":236,"epss_score":237,"severity":238,"severity_score":239,"severity_version":240,"severity_source":241,"severity_vector":242,"severity_status":233},false,"low",0.00316,"medium",4.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",[244],{"url":245,"sources":246,"tags":248},"https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw",[247,241],"cve.org",[249,250],"Patch","Vendor Advisory",[],{"date":253,"score":237,"percentile":254},"2026-06-04",0.55002,[256,260,263,266,269,272,275,278,281,284,287,290,293,296,299,303,306,309,312,315,318,321,324,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,370,373,376,378,381,383,386,389,392,395,398,401,403,406,409,412,416,418,420,423,426,429,432,435,438,441,444,447,450,453,456,458,461,464,467,470,473,476,479,482,485,488,491,494,497,500,503,506,509,511,514,517],{"date":257,"score":258,"percentile":259},"2025-11-04",0.00232,0.45981,{"date":261,"score":258,"percentile":262},"2025-11-05",0.45967,{"date":264,"score":258,"percentile":265},"2025-11-06",0.45979,{"date":267,"score":258,"percentile":268},"2025-11-07",0.46006,{"date":270,"score":258,"percentile":271},"2025-11-08",0.46003,{"date":273,"score":258,"percentile":274},"2025-11-09",0.45986,{"date":276,"score":258,"percentile":277},"2025-11-10",0.45952,{"date":279,"score":258,"percentile":280},"2025-11-11",0.45971,{"date":282,"score":258,"percentile":283},"2025-11-12",0.46002,{"date":285,"score":258,"percentile":286},"2025-11-13",0.4601,{"date":288,"score":258,"percentile":289},"2025-11-14",0.46025,{"date":291,"score":258,"percentile":292},"2025-11-15",0.4602,{"date":294,"score":258,"percentile":295},"2025-11-16",0.46005,{"date":297,"score":258,"percentile":298},"2025-11-17",0.45983,{"date":300,"score":301,"percentile":302},"2025-11-18",0.00323,0.52349,{"date":304,"score":301,"percentile":305},"2025-11-19",0.5236,{"date":307,"score":301,"percentile":308},"2025-11-20",0.5235,{"date":310,"score":258,"percentile":311},"2025-11-21",0.45975,{"date":313,"score":258,"percentile":314},"2025-11-22",0.45974,{"date":316,"score":258,"percentile":317},"2025-11-23",0.45947,{"date":319,"score":258,"percentile":320},"2025-11-24",0.45936,{"date":322,"score":258,"percentile":323},"2025-11-25",0.45944,{"date":325,"score":258,"percentile":317},"2025-11-26",{"date":327,"score":258,"percentile":328},"2025-11-27",0.45955,{"date":330,"score":258,"percentile":331},"2025-11-28",0.45921,{"date":333,"score":258,"percentile":334},"2025-11-29",0.45903,{"date":336,"score":258,"percentile":337},"2025-11-30",0.45889,{"date":339,"score":258,"percentile":340},"2025-12-01",0.46031,{"date":342,"score":258,"percentile":343},"2025-12-02",0.46046,{"date":345,"score":258,"percentile":346},"2025-12-03",0.46039,{"date":348,"score":258,"percentile":349},"2025-12-04",0.4588,{"date":351,"score":258,"percentile":352},"2025-12-05",0.45902,{"date":354,"score":258,"percentile":355},"2025-12-06",0.45899,{"date":357,"score":258,"percentile":358},"2025-12-07",0.45882,{"date":360,"score":258,"percentile":361},"2025-12-08",0.45887,{"date":363,"score":258,"percentile":364},"2025-12-09",0.45918,{"date":366,"score":258,"percentile":367},"2025-12-10",0.45982,{"date":369,"score":258,"percentile":295},"2025-12-11",{"date":371,"score":258,"percentile":372},"2025-12-12",0.46036,{"date":374,"score":258,"percentile":375},"2025-12-13",0.46018,{"date":377,"score":258,"percentile":295},"2025-12-14",{"date":379,"score":258,"percentile":380},"2025-12-15",0.45988,{"date":382,"score":258,"percentile":283},"2025-12-16",{"date":384,"score":258,"percentile":385},"2025-12-17",0.46027,{"date":387,"score":258,"percentile":388},"2025-12-18",0.46071,{"date":390,"score":258,"percentile":391},"2025-12-19",0.46079,{"date":393,"score":258,"percentile":394},"2025-12-20",0.46052,{"date":396,"score":258,"percentile":397},"2025-12-21",0.46022,{"date":399,"score":258,"percentile":400},"2025-12-22",0.46,{"date":402,"score":258,"percentile":271},"2025-12-23",{"date":404,"score":258,"percentile":405},"2025-12-24",0.46014,{"date":407,"score":258,"percentile":408},"2025-12-25",0.46059,{"date":410,"score":258,"percentile":411},"2025-12-26",0.46044,{"date":413,"score":414,"percentile":415},"2025-12-27",0.00156,0.37023,{"date":417,"score":258,"percentile":314},"2025-12-28",{"date":419,"score":258,"percentile":328},"2025-12-29",{"date":421,"score":258,"percentile":422},"2025-12-30",0.4595,{"date":424,"score":258,"percentile":425},"2025-12-31",0.45993,{"date":427,"score":258,"percentile":428},"2026-01-01",0.4615,{"date":430,"score":258,"percentile":431},"2026-01-02",0.46126,{"date":433,"score":258,"percentile":434},"2026-01-03",0.46112,{"date":436,"score":258,"percentile":437},"2026-01-04",0.45934,{"date":439,"score":258,"percentile":440},"2026-01-05",0.45915,{"date":442,"score":258,"percentile":443},"2026-01-06",0.4592,{"date":445,"score":258,"percentile":446},"2026-01-07",0.45938,{"date":448,"score":258,"percentile":449},"2026-01-08",0.45962,{"date":451,"score":258,"percentile":452},"2026-01-09",0.45932,{"date":454,"score":258,"percentile":455},"2026-01-10",0.45924,{"date":457,"score":258,"percentile":352},"2026-01-11",{"date":459,"score":258,"percentile":460},"2026-01-12",0.45858,{"date":462,"score":258,"percentile":463},"2026-01-13",0.45827,{"date":465,"score":258,"percentile":466},"2026-01-14",0.45879,{"date":468,"score":258,"percentile":469},"2026-01-15",0.45872,{"date":471,"score":258,"percentile":472},"2026-01-16",0.45893,{"date":474,"score":258,"percentile":475},"2026-01-17",0.4587,{"date":477,"score":258,"percentile":478},"2026-01-18",0.45842,{"date":480,"score":258,"percentile":481},"2026-01-19",0.45812,{"date":483,"score":258,"percentile":484},"2026-01-20",0.4581,{"date":486,"score":258,"percentile":487},"2026-01-21",0.45814,{"date":489,"score":258,"percentile":490},"2026-01-22",0.45816,{"date":492,"score":258,"percentile":493},"2026-01-23",0.45867,{"date":495,"score":258,"percentile":496},"2026-01-24",0.45875,{"date":498,"score":258,"percentile":499},"2026-01-25",0.45821,{"date":501,"score":258,"percentile":502},"2026-01-26",0.45788,{"date":504,"score":258,"percentile":505},"2026-01-27",0.45791,{"date":507,"score":258,"percentile":508},"2026-01-28",0.458,{"date":510,"score":258,"percentile":502},"2026-01-29",{"date":512,"score":258,"percentile":513},"2026-01-30",0.45798,{"date":515,"score":258,"percentile":516},"2026-01-31",0.45806,{"date":518,"score":258,"percentile":446},"2026-02-01",[520,527],{"source":247,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":521,"cvss_v4_0":9},{"baseScore":522,"baseSeverity":523,"vectorString":524,"impactScore":525,"exploitabilityScore":526},2.6,"LOW","CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",2.3,3.1,{"source":241,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":528,"cvss_v4_0":9},{"baseScore":239,"baseSeverity":529,"vectorString":242,"impactScore":525,"exploitabilityScore":530},"MEDIUM",7.2,[532,550],{"ecosystem":9,"name":533,"vendor":9,"product":533,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":534},"PHP",[535,542,546],{"version":536,"is_range":537,"range_type":247,"version_start":538,"version_start_type":539,"version_end":540,"version_end_type":541,"fixed_in":9},">= 8.0.*, \u003C 8.0.29",true,"8.0.*","including","8.0.29","excluding",{"version":543,"is_range":537,"range_type":247,"version_start":544,"version_start_type":539,"version_end":545,"version_end_type":541,"fixed_in":9},">= 8.1.*, \u003C 8.1.20","8.1.*","8.1.20",{"version":547,"is_range":537,"range_type":247,"version_start":548,"version_start_type":539,"version_end":549,"version_end_type":541,"fixed_in":9},">= 8.2.*, \u003C 8.2.7","8.2.*","8.2.7",{"ecosystem":9,"name":533,"vendor":9,"product":533,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":551},[552,556,559],{"version":553,"is_range":537,"range_type":554,"version_start":555,"version_start_type":539,"version_end":540,"version_end_type":541,"fixed_in":9},"gte8.0.0_lt8.0.29","cpe","8.0.0",{"version":557,"is_range":537,"range_type":554,"version_start":558,"version_start_type":539,"version_end":545,"version_end_type":541,"fixed_in":9},"gte8.1.0_lt8.1.20","8.1.0",{"version":560,"is_range":537,"range_type":554,"version_start":561,"version_start_type":539,"version_end":549,"version_end_type":541,"fixed_in":9},"gte8.2.0_lt8.2.7","8.2.0"]