CVE-2015-0235

{"id": "CVE-2015-0235", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-01-28T19:59:00.063", "references": [{"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://linux.oracle.com/errata/ELSA-2015-0090.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=142296726407499&w=2", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=142721102728110&w=2", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=142722450701342&w=2", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=142781412222323&w=2", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=143145428124857&w=2", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2015/Jan/111", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2019/Jun/18", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2021/Sep/0", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2022/Jun/36", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/oss-sec/2015/q1/269", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/oss-sec/2015/q1/274", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62517", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62640", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62667", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62680", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62681", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62688", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62690", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62691", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62692", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62698", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62715", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62758", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62812", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62813", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62816", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62865", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62870", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62871", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62879", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/62883", "tags": ["Not Applicable"], "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT204942", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2015/dsa-3142", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf", "tags": ["Broken Link", "URL Repurposed"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "tags": ["Exploit", "Mailing List"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/72325", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1032909", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "tags": ["Broken Link", "Permissions Required"], "source": "secalert@redhat.com"}, {"url": "https://bto.bluecoat.com/security-advisory/sa90", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10100", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://seclists.org/bugtraq/2019/Jun/14", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201503-04", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20150127-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/HT205267", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/HT205375", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\""}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n __nss_hostname_digits_dots en glibc 2.2, y otras versiones 2.x anteriores a 2.18, permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con la funci\u00edn (1) gethostbyname o (2) gethostbyname2, tambi\u00e9n conocido como 'GHOST.'"}], "lastModified": "2024-02-14T01:17:43.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66C0FCBE-FCED-4169-AEED-E70F5B34094D", "versionEndExcluding": "2.18", "versionStartIncluding": "2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03E73D34-9239-46F7-9E98-4132964B2CD8", "versionEndExcluding": "3.7.1"}, {"criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9FDB6EE-EC5D-44F2-AEA0-0B605D5C6742"}, {"criteria": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D195BC4C-DAC2-4C71-B83B-4149E86B5F42"}, {"criteria": "cpe:2.3:a:oracle:communications_lsms:13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E14AECDA-5C63-40F0-81FF-17BBFA487577"}, {"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CFEA80F-FC5D-4DAA-8810-3C26F6D8377F"}, {"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C1B1DA1-CB11-42D6-9F28-C1588A7A7D45"}, {"criteria": "cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F696923E-E5AB-4473-B404-A6CCB33B6DB8"}, {"criteria": "cpe:2.3:a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6234C878-15CE-4B71-B825-DA088554A2FD"}, {"criteria": "cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE69A446-E765-4141-83F6-B58EA7E3783A"}, {"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11A5042B-79F8-4A86-996A-F56B925AAA05", "versionEndExcluding": "7.2.0"}, {"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F38C38F-5669-448C-9566-783BEC7AB04B"}, {"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34"}, {"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D37A84E-1FC0-43B2-A8E5-A8E3B26EF0E0", "versionEndIncluding": "10.0.1", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFDB5ADE-F4DF-4054-8628-5EF6C5DB864B"}, {"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59C4F882-5B42-43E6-9CCC-D2AB23117A7C"}, {"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB"}, {"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB059A52-DE6D-47FB-98E8-5A788E1C0FC0"}, {"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D70580AD-2134-49D3-BE15-020023A10E87"}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90F6AEA6-D52A-4655-9B89-CE5F8AA21E95", "versionEndExcluding": "5.1.24"}, {"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B"}, {"criteria": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1137279-81F0-4F6B-8E91-95590106BADF"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37BA55FC-D350-4DEB-9802-40AF59C99E79"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC5E0720-43A6-4E46-83B2-A9C228824AB3", "versionEndExcluding": "10.11.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:pureapplication_system:1.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D7AB60B-E38B-42C7-B785-D9520C1F5564"}, {"criteria": "cpe:2.3:a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D657332-C9B9-4E7B-89D9-5AEF3501141A"}, {"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2"}, {"criteria": "cpe:2.3:a:ibm:security_access_manager_for_enterprise_single_sign-on:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18430B37-84B3-4B88-A256-7BE9B48A3A52"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82D9C83C-2968-4C63-851D-AE8DBEF02296", "versionEndExcluding": "5.4.38", "versionStartIncluding": "5.4.0"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B70DA5B9-36FC-44F1-A372-4A736D1CB043", "versionEndExcluding": "5.5.22", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E88B9450-0A63-4FEA-98FE-AE92F7E54AA9", "versionEndExcluding": "5.6.6", "versionStartIncluding": "5.6.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}