[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2016-0267":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":82,"epss":9,"epss_history":83,"metrics":84,"affected":85},"MGASA-2016-0267","Updated php/xmlrpc-epi/timezone packages fix security vulnerability\n\nStack-based buffer overflow vulnerability in virtual_file_ex()\n(CVE-2016-6289).\n\nUse After Free in unserialize() with Unexpected Session Deserialization\n(CVE-2016-6290).\n\nOut of bound read in exif_process_IFD_in_MAKERNOTE() (CVE-2016-6291).\n\nNULL Pointer Dereference in exif_process_user_comment() (CVE-2016-6292).\n\nlocale_accept_from_http() out-of-bounds access (CVE-2016-6294).\n\nUse After Free Vulnerability in SNMP with GC and unserialize()\n(CVE-2016-6295).\n\nheap-buffer-overflow (write) simplestring_addn() simplestring.c in\nphp-xmlrpc (CVE-2016-6296).\n\nStack-based buffer overflow vulnerability in php_stream_zip_opener()\n(CVE-2016-6297).\n\nThe php package has been updated to version 5.6.24, fixing these issues\nand several other bugs.  See the upstream ChangeLog for details.\n\nThe CVE-2016-6296 issue was in the xmlrpc-epi library, which has been\npatched.\n\nAdditionally, the timezone and php-timezonedb packages have been updated\nwith the latest timezone data.\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2016-6289",{"_key":17},"CVE-2016-6290",{"_key":19},"CVE-2016-6291",{"_key":21},"CVE-2016-6292",{"_key":23},"CVE-2016-6294",{"_key":25},"CVE-2016-6295",{"_key":27},"CVE-2016-6296",{"_key":29},"CVE-2016-6297",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2016-07-26T21:59:16Z","2026-04-16T06:22:45.276614930Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,62,66,70,74,78],{"url":47,"sources":48,"tags":50},"https://advisories.mageia.org/MGASA-2016-0267.html",[49],"osv_mageia",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugs.mageia.org/show_bug.cgi?id=19009",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"http://www.php.net/ChangeLog-5.php#5.6.24",[49],[56,61],"WEB",{"url":63,"sources":64,"tags":65},"http://mm.icann.org/pipermail/tz-announce/2016-March/000036.html",[49],[56,61],{"url":67,"sources":68,"tags":69},"http://mm.icann.org/pipermail/tz-announce/2016-March/000037.html",[49],[56,61],{"url":71,"sources":72,"tags":73},"http://mm.icann.org/pipermail/tz-announce/2016-April/000038.html",[49],[56,61],{"url":75,"sources":76,"tags":77},"http://mm.icann.org/pipermail/tz-announce/2016-June/000039.html",[49],[56,61],{"url":79,"sources":80,"tags":81},"http://mm.icann.org/pipermail/tz-announce/2016-July/000040.html",[49],[56,61],[],[],[],[86,98,104,110],{"ecosystem":87,"name":88,"vendor":89,"product":88,"cpe_part":9,"purl_type":90,"purl_namespace":89,"purl_name":88,"source":9,"versions":91},"Mageia","php","mageia","rpm",[92],{"version":93,"is_range":94,"range_type":95,"version_start":9,"version_start_type":9,"version_end":96,"version_end_type":97,"fixed_in":9},"lt5_6_24_1_mga5",true,"ecosystem","5.6.24-1.mga5","excluding",{"ecosystem":87,"name":99,"vendor":89,"product":99,"cpe_part":9,"purl_type":90,"purl_namespace":89,"purl_name":99,"source":9,"versions":100},"php-timezonedb",[101],{"version":102,"is_range":94,"range_type":95,"version_start":9,"version_start_type":9,"version_end":103,"version_end_type":97,"fixed_in":9},"lt2016_6_1_mga5","2016.6-1.mga5",{"ecosystem":87,"name":105,"vendor":89,"product":105,"cpe_part":9,"purl_type":90,"purl_namespace":89,"purl_name":105,"source":9,"versions":106},"timezone",[107],{"version":108,"is_range":94,"range_type":95,"version_start":9,"version_start_type":9,"version_end":109,"version_end_type":97,"fixed_in":9},"lt2016f_1_mga5","2016f-1.mga5",{"ecosystem":87,"name":111,"vendor":89,"product":111,"cpe_part":9,"purl_type":90,"purl_namespace":89,"purl_name":111,"source":9,"versions":112},"xmlrpc-epi",[113],{"version":114,"is_range":94,"range_type":95,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":97,"fixed_in":9},"lt0_54_2_5_1_mga5","0.54.2-5.1.mga5"]