Using that info disclosure, I google'd your debian based php.
https://security-tracker.debian.org/tracker/source-package/php5
The most interesting one for me is trivial hash complexity DoS attack
https://security-tracker.debian.org/tracker/TEMP-0800564-79703B
https://github.com/bk2204/php-hash-dos
How do I know if my PHP app is vulnerable?
If your PHP app accepts JSON or YAML input from the user, or accepts untrusted input and inserts that input as keys in a hash, your application is likely vulnerable. An example JSON file with 1048576 entries is in the example directory. You can upload part or all of this file to your application and see how it performs.
On a 2.8 GHz Core i7, a JSON file containing 65536 entries takes the scripts/exploited.php script 5.358 seconds to process with PHP 7. With twice as many entries, it takes 21 seconds to process. PHP 5.6 performs much worse: the smaller file itself takes 22 seconds.