[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-5772":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":30,"duplicate_of":9,"upstream":31,"downstream":32,"duplicates":51,"related":52,"reserved_at":9,"published_at":57,"modified_at":58,"state":59,"summary":60,"references_raw":68,"kevs":141,"epss":142,"epss_history":145,"metrics":392,"affected":401},"CVE-2016-5772","Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-415","Double Free","The product calls free() twice on the same memory address.","weakness","Draft","Variant","High",[],[21],{"_key":22,"name":23,"source":24,"url":25,"maturity":26,"reliability_score":27,"verified":28,"type":9,"platforms":29,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_D5DC17E0D0E701C4","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=72340","unknown",0.2,false,[],[],[],[33,35,37,39,41,43,45,47,49],{"_key":34},"SUSE-SU-2016:2013-1",{"_key":36},"SUSE-SU-2016:2080-1",{"_key":38},"SUSE-SU-2016:1842-1",{"_key":40},"DLA-628-1",{"_key":42},"DSA-3618-1",{"_key":44},"MGASA-2016-0238",{"_key":46},"UBUNTU-CVE-2016-5772",{"_key":48},"USN-3045-1",{"_key":50},"RHSA-2016:2750",[],[53,54,55,56],{"_key":34},{"_key":36},{"_key":38},{"_key":44},"2016-08-07T10:00:00.000Z","2024-08-06T01:15:09.073Z","Modified",{"cisa_kev":28,"cisa_ransomware":28,"cisa_vendor":9,"epss_severity":61,"epss_score":62,"severity":63,"severity_score":64,"severity_version":65,"severity_source":66,"severity_vector":67,"severity_status":59},"medium",0.15935,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[69,77,85,90,94,99,104,109,114,119,123,127,131,137],{"url":70,"sources":71,"tags":73},"http://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c?w=1",[72,66],"cve.org",[74,75,76],"X Refsource CONFIRM","Patch","Third Party Advisory",{"url":78,"sources":79,"tags":80},"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html",[72,66],[81,82,83,84,76],"Vendor Advisory","X Refsource APPLE","Broken Link","Mailing List",{"url":86,"sources":87,"tags":88},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html",[72,66],[81,89,84,76],"X Refsource SUSE",{"url":91,"sources":92,"tags":93},"http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html",[72,66],[81,89,84,76],{"url":95,"sources":96,"tags":97},"http://rhn.redhat.com/errata/RHSA-2016-2750.html",[72,66],[81,98,76],"X Refsource REDHAT",{"url":100,"sources":101,"tags":102},"http://php.net/ChangeLog-5.php",[72,66],[74,75,103,81],"Release Notes",{"url":25,"sources":105,"tags":106},[72,66],[74,107,108,81],"Exploit","Issue Tracking",{"url":110,"sources":111,"tags":112},"http://www.openwall.com/lists/oss-security/2016/06/23/4",[72,66],[84,113,75,76],"X Refsource MLIST",{"url":115,"sources":116,"tags":117},"http://www.debian.org/security/2016/dsa-3618",[72,66],[81,118,76],"X Refsource DEBIAN",{"url":120,"sources":121,"tags":122},"http://php.net/ChangeLog-7.php",[72,66],[74,103,81],{"url":124,"sources":125,"tags":126},"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",[72,66],[74,76],{"url":128,"sources":129,"tags":130},"https://support.apple.com/HT207170",[72,66],[74,76],{"url":132,"sources":133,"tags":134},"http://www.securityfocus.com/bid/91398",[72,66],[135,136,76],"VDB Entry","X Refsource BID",{"url":138,"sources":139,"tags":140},"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html",[72,66],[81,89,84,76],[],{"date":143,"score":62,"percentile":144},"2026-06-04",0.94882,[146,150,153,155,158,161,163,166,169,172,175,178,180,182,184,187,190,193,196,199,202,205,208,211,214,216,218,220,223,226,229,232,235,237,240,243,246,249,252,255,257,259,262,265,268,271,274,277,280,282,284,286,289,292,296,298,300,303,306,309,312,315,318,320,322,324,326,328,330,333,336,338,342,345,348,351,354,357,359,362,365,368,371,373,376,378,381,384,386,389],{"date":147,"score":148,"percentile":149},"2025-11-04",0.1531,0.94328,{"date":151,"score":148,"percentile":152},"2025-11-05",0.94326,{"date":154,"score":148,"percentile":149},"2025-11-06",{"date":156,"score":148,"percentile":157},"2025-11-07",0.94331,{"date":159,"score":148,"percentile":160},"2025-11-08",0.94333,{"date":162,"score":148,"percentile":157},"2025-11-09",{"date":164,"score":148,"percentile":165},"2025-11-10",0.94332,{"date":167,"score":148,"percentile":168},"2025-11-11",0.94334,{"date":170,"score":148,"percentile":171},"2025-11-12",0.94338,{"date":173,"score":148,"percentile":174},"2025-11-13",0.9434,{"date":176,"score":148,"percentile":177},"2025-11-14",0.94342,{"date":179,"score":148,"percentile":171},"2025-11-15",{"date":181,"score":148,"percentile":177},"2025-11-16",{"date":183,"score":148,"percentile":174},"2025-11-17",{"date":185,"score":148,"percentile":186},"2025-11-18",0.94056,{"date":188,"score":148,"percentile":189},"2025-11-19",0.94059,{"date":191,"score":148,"percentile":192},"2025-11-20",0.94064,{"date":194,"score":148,"percentile":195},"2025-11-21",0.9435,{"date":197,"score":148,"percentile":198},"2025-11-22",0.94348,{"date":200,"score":148,"percentile":201},"2025-11-23",0.94351,{"date":203,"score":148,"percentile":204},"2025-11-24",0.94353,{"date":206,"score":148,"percentile":207},"2025-11-25",0.94355,{"date":209,"score":148,"percentile":210},"2025-11-26",0.94357,{"date":212,"score":148,"percentile":213},"2025-11-27",0.94359,{"date":215,"score":148,"percentile":207},"2025-11-28",{"date":217,"score":148,"percentile":210},"2025-11-29",{"date":219,"score":148,"percentile":210},"2025-11-30",{"date":221,"score":148,"percentile":222},"2025-12-01",0.94401,{"date":224,"score":148,"percentile":225},"2025-12-02",0.94402,{"date":227,"score":148,"percentile":228},"2025-12-03",0.94403,{"date":230,"score":148,"percentile":231},"2025-12-04",0.94356,{"date":233,"score":148,"percentile":234},"2025-12-05",0.94358,{"date":236,"score":148,"percentile":234},"2025-12-06",{"date":238,"score":148,"percentile":239},"2025-12-07",0.94363,{"date":241,"score":148,"percentile":242},"2025-12-08",0.94364,{"date":244,"score":148,"percentile":245},"2025-12-09",0.94369,{"date":247,"score":148,"percentile":248},"2025-12-10",0.94376,{"date":250,"score":148,"percentile":251},"2025-12-11",0.94379,{"date":253,"score":148,"percentile":254},"2025-12-12",0.94381,{"date":256,"score":148,"percentile":254},"2025-12-13",{"date":258,"score":148,"percentile":251},"2025-12-14",{"date":260,"score":148,"percentile":261},"2025-12-15",0.94383,{"date":263,"score":148,"percentile":264},"2025-12-16",0.94385,{"date":266,"score":148,"percentile":267},"2025-12-17",0.94388,{"date":269,"score":148,"percentile":270},"2025-12-18",0.94391,{"date":272,"score":148,"percentile":273},"2025-12-19",0.94393,{"date":275,"score":148,"percentile":276},"2025-12-20",0.94394,{"date":278,"score":148,"percentile":279},"2025-12-21",0.94399,{"date":281,"score":148,"percentile":279},"2025-12-22",{"date":283,"score":148,"percentile":279},"2025-12-23",{"date":285,"score":148,"percentile":228},"2025-12-24",{"date":287,"score":148,"percentile":288},"2025-12-25",0.9441,{"date":290,"score":148,"percentile":291},"2025-12-26",0.94408,{"date":293,"score":294,"percentile":295},"2025-12-27",0.09269,0.92498,{"date":297,"score":148,"percentile":291},"2025-12-28",{"date":299,"score":148,"percentile":291},"2025-12-29",{"date":301,"score":148,"percentile":302},"2025-12-30",0.94409,{"date":304,"score":148,"percentile":305},"2025-12-31",0.94413,{"date":307,"score":148,"percentile":308},"2026-01-01",0.94456,{"date":310,"score":148,"percentile":311},"2026-01-02",0.9445,{"date":313,"score":148,"percentile":314},"2026-01-03",0.94446,{"date":316,"score":148,"percentile":317},"2026-01-04",0.94407,{"date":319,"score":148,"percentile":225},"2026-01-05",{"date":321,"score":148,"percentile":225},"2026-01-06",{"date":323,"score":148,"percentile":228},"2026-01-07",{"date":325,"score":148,"percentile":317},"2026-01-08",{"date":327,"score":148,"percentile":317},"2026-01-09",{"date":329,"score":148,"percentile":302},"2026-01-10",{"date":331,"score":148,"percentile":332},"2026-01-11",0.94406,{"date":334,"score":148,"percentile":335},"2026-01-12",0.94404,{"date":337,"score":148,"percentile":332},"2026-01-13",{"date":339,"score":340,"percentile":341},"2026-01-14",0.13168,0.939,{"date":343,"score":340,"percentile":344},"2026-01-15",0.93901,{"date":346,"score":340,"percentile":347},"2026-01-16",0.93906,{"date":349,"score":62,"percentile":350},"2026-01-17",0.94546,{"date":352,"score":62,"percentile":353},"2026-01-18",0.94544,{"date":355,"score":62,"percentile":356},"2026-01-19",0.94541,{"date":358,"score":62,"percentile":350},"2026-01-20",{"date":360,"score":62,"percentile":361},"2026-01-21",0.94547,{"date":363,"score":62,"percentile":364},"2026-01-22",0.9455,{"date":366,"score":62,"percentile":367},"2026-01-23",0.94558,{"date":369,"score":62,"percentile":370},"2026-01-24",0.94562,{"date":372,"score":62,"percentile":370},"2026-01-25",{"date":374,"score":62,"percentile":375},"2026-01-26",0.94563,{"date":377,"score":62,"percentile":375},"2026-01-27",{"date":379,"score":62,"percentile":380},"2026-01-28",0.94566,{"date":382,"score":62,"percentile":383},"2026-01-29",0.94568,{"date":385,"score":62,"percentile":383},"2026-01-30",{"date":387,"score":62,"percentile":388},"2026-01-31",0.9457,{"date":390,"score":62,"percentile":391},"2026-02-01",0.94608,[393],{"source":66,"cvss_v2_0":394,"cvss_v3_0":9,"cvss_v3_1":399,"cvss_v4_0":9},{"baseScore":395,"baseSeverity":9,"vectorString":396,"impactScore":397,"exploitabilityScore":398},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":64,"baseSeverity":400,"vectorString":67,"impactScore":64,"exploitabilityScore":398},"CRITICAL",[402,411,417,421,438,446,451],{"ecosystem":9,"name":403,"vendor":404,"product":405,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":407},"debian linux","debian","debian_linux","o",[408],{"version":409,"is_range":28,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":412,"vendor":413,"product":412,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":414},"leap","opensuse",[415],{"version":416,"is_range":28,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.1",{"ecosystem":9,"name":413,"vendor":413,"product":413,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":418},[419],{"version":420,"is_range":28,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2",{"ecosystem":9,"name":422,"vendor":9,"product":422,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":423},"PHP",[424,429,434],{"version":425,"is_range":426,"range_type":410,"version_start":9,"version_start_type":9,"version_end":427,"version_end_type":428,"fixed_in":9},"lt5.5.37",true,"5.5.37","excluding",{"version":430,"is_range":426,"range_type":410,"version_start":431,"version_start_type":432,"version_end":433,"version_end_type":428,"fixed_in":9},"gte5.6.0_lt5.6.23","5.6.0","including","5.6.23",{"version":435,"is_range":426,"range_type":410,"version_start":436,"version_start_type":432,"version_end":437,"version_end_type":428,"fixed_in":9},"gte7.0.0_lt7.0.8","7.0.0","7.0.8",{"ecosystem":9,"name":439,"vendor":440,"product":441,"cpe_part":442,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":443},"linux enterprise debuginfo","suse","linux_enterprise_debuginfo","a",[444],{"version":445,"is_range":28,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11:sp4",{"ecosystem":9,"name":447,"vendor":440,"product":448,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":449},"linux enterprise server","linux_enterprise_server",[450],{"version":445,"is_range":28,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":452,"vendor":440,"product":453,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":454},"linux enterprise software development kit","linux_enterprise_software_development_kit",[455],{"version":445,"is_range":28,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]