[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2016:1581-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":76,"duplicates":77,"related":78,"reserved_at":9,"published_at":110,"modified_at":111,"state":9,"summary":112,"references_raw":114,"kevs":355,"epss":9,"epss_history":356,"metrics":357,"affected":358},"SUSE-SU-2016:1581-1","Security update for php53\n\n\nThis update for php53 fixes the following issues:\n\n- CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter (bsc#982010)\n- CVE-2016-5094,CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows (bsc#982011,bsc#982012)\n- CVE-2016-5096: A int/size_t confusion in fread could corrupt memory (bsc#982013)\n- CVE-2016-5114: A fpm_log.c memory leak and buffer overflow could leak information out of the php process or overwrite a buffer by 1 byte (bsc#982162)\n- CVE-2016-4346: A heap overflow was fixed in ext/standard/string.c (bsc#977994)\n- CVE-2016-4342: A heap corruption was fixed in tar/zip/phar parser (bsc#977991)\n- CVE-2016-4537, CVE-2016-4538: bcpowmod accepted negative scale causing heap buffer overflow corrupting _one_ definition (bsc#978827)\n- CVE-2016-4539: Malformed input causes segmentation fault in xml_parse_into_struct() function (bsc#978828)\n- CVE-2016-4540, CVE-2016-4541: Out-of-bounds memory read in zif_grapheme_stripos when given negative offset (bsc#978829)\n- CVE-2016-4542, CVE-2016-4543, CVE-2016-4544: Out-of-bounds heap memory\n  read in exif_read_data() caused by malformed input (bsc#978830)\n- CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert\n  function  (bsc#980366)\n- CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c (bsc#980373)\n- CVE-2015-8874: Stack consumption vulnerability in GD (bsc#980375)\n- CVE-2015-8879: odbc_bindcols function in ext/odbc/php_odbc.c mishandles\n  driver behavior for SQL_WVARCHAR (bsc#981050)\n\nAlso fixed previously on SUSE Linux Enterprise 11 SP4, but not yet shipped to SUSE Linux Enterprise Server 11 SP3 LTSS:\n- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792).\n- CVE-2015-8835: SoapClient s_call method suffered from a type confusion\n  issue that could have lead to crashes [bsc#973351]\n- CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could\n  lead to crashes. [bsc#968284]\n- CVE-2015-7803: A Stack overflow vulnerability when decompressing tar\n  phar archives could potentially lead to code execution. [bsc#949961]\n- CVE-2016-3141: A use-after-free / double-free in the WDDX\n  deserialization could lead to crashes or potential code\n  execution. [bsc#969821]\n- CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912]\n- CVE-2014-9767: A directory traversal when extracting zip files was\n  fixed that could lead to overwritten files. [bsc#971612]\n- CVE-2016-3185: A type confusion vulnerability in\n  make_http_soap_request() could lead to crashes or potentially code\n  execution. [bsc#971611]\n- CVE-2016-4073: A remote attacker could have caused denial of service,\n  or possibly execute arbitrary code, due to incorrect handling of string\n  length calculations in mb_strcut() (bsc#977003)\n- CVE-2015-8867: The PHP function openssl_random_pseudo_bytes() did not\n  return cryptographically secure random bytes (bsc#977005)\n- CVE-2016-4070: The libxml_disable_entity_loader() setting was shared\n  between threads, which could have resulted in XML external entity\n  injection and entity expansion issues (bsc#976997)\n- CVE-2015-8866: A remote attacker could have caused denial of service\n  due to incorrect handling of large strings in php_raw_url_encode()\n  (bsc#976996)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74],{"_key":15},"CVE-2014-9767",{"_key":17},"CVE-2015-4116",{"_key":19},"CVE-2015-7803",{"_key":21},"CVE-2015-8835",{"_key":23},"CVE-2015-8838",{"_key":25},"CVE-2015-8866",{"_key":27},"CVE-2015-8867",{"_key":29},"CVE-2015-8873",{"_key":31},"CVE-2015-8874",{"_key":33},"CVE-2015-8879",{"_key":35},"CVE-2016-2554",{"_key":37},"CVE-2016-3141",{"_key":39},"CVE-2016-3142",{"_key":41},"CVE-2016-3185",{"_key":43},"CVE-2016-4070",{"_key":45},"CVE-2016-4073",{"_key":47},"CVE-2016-4342",{"_key":49},"CVE-2016-4346",{"_key":51},"CVE-2016-4537",{"_key":53},"CVE-2016-4538",{"_key":55},"CVE-2016-4539",{"_key":57},"CVE-2016-4540",{"_key":59},"CVE-2016-4541",{"_key":61},"CVE-2016-4542",{"_key":63},"CVE-2016-4543",{"_key":65},"CVE-2016-4544",{"_key":67},"CVE-2016-5093",{"_key":69},"CVE-2016-5094",{"_key":71},"CVE-2016-5095",{"_key":73},"CVE-2016-5096",{"_key":75},"CVE-2016-5114",[],[],[79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},"2016-06-14T14:31:52Z","2025-05-02T04:04:16.592825Z",{"cisa_kev":113,"cisa_ransomware":113,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[115,121,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,194,198,202,206,210,214,218,222,226,230,235,239,243,247,251,255,259,263,267,271,275,279,283,287,291,295,299,303,307,311,315,319,323,327,331,335,339,343,347,351],{"url":116,"sources":117,"tags":119},"https://www.suse.com/support/update/announcement/2016/suse-su-20161581-1/",[118],"osv_suse",[120],"Advisory",{"url":122,"sources":123,"tags":124},"https://bugzilla.suse.com/949961",[118],[125],"REPORT",{"url":127,"sources":128,"tags":129},"https://bugzilla.suse.com/968284",[118],[125],{"url":131,"sources":132,"tags":133},"https://bugzilla.suse.com/969821",[118],[125],{"url":135,"sources":136,"tags":137},"https://bugzilla.suse.com/971611",[118],[125],{"url":139,"sources":140,"tags":141},"https://bugzilla.suse.com/971612",[118],[125],{"url":143,"sources":144,"tags":145},"https://bugzilla.suse.com/971912",[118],[125],{"url":147,"sources":148,"tags":149},"https://bugzilla.suse.com/973351",[118],[125],{"url":151,"sources":152,"tags":153},"https://bugzilla.suse.com/973792",[118],[125],{"url":155,"sources":156,"tags":157},"https://bugzilla.suse.com/976996",[118],[125],{"url":159,"sources":160,"tags":161},"https://bugzilla.suse.com/976997",[118],[125],{"url":163,"sources":164,"tags":165},"https://bugzilla.suse.com/977003",[118],[125],{"url":167,"sources":168,"tags":169},"https://bugzilla.suse.com/977005",[118],[125],{"url":171,"sources":172,"tags":173},"https://bugzilla.suse.com/977991",[118],[125],{"url":175,"sources":176,"tags":177},"https://bugzilla.suse.com/977994",[118],[125],{"url":179,"sources":180,"tags":181},"https://bugzilla.suse.com/978827",[118],[125],{"url":183,"sources":184,"tags":185},"https://bugzilla.suse.com/978828",[118],[125],{"url":187,"sources":188,"tags":189},"https://bugzilla.suse.com/978829",[118],[125],{"url":191,"sources":192,"tags":193},"https://bugzilla.suse.com/978830",[118],[125],{"url":195,"sources":196,"tags":197},"https://bugzilla.suse.com/980366",[118],[125],{"url":199,"sources":200,"tags":201},"https://bugzilla.suse.com/980373",[118],[125],{"url":203,"sources":204,"tags":205},"https://bugzilla.suse.com/980375",[118],[125],{"url":207,"sources":208,"tags":209},"https://bugzilla.suse.com/981050",[118],[125],{"url":211,"sources":212,"tags":213},"https://bugzilla.suse.com/982010",[118],[125],{"url":215,"sources":216,"tags":217},"https://bugzilla.suse.com/982011",[118],[125],{"url":219,"sources":220,"tags":221},"https://bugzilla.suse.com/982012",[118],[125],{"url":223,"sources":224,"tags":225},"https://bugzilla.suse.com/982013",[118],[125],{"url":227,"sources":228,"tags":229},"https://bugzilla.suse.com/982162",[118],[125],{"url":231,"sources":232,"tags":233},"https://www.suse.com/security/cve/CVE-2014-9767",[118],[234],"WEB",{"url":236,"sources":237,"tags":238},"https://www.suse.com/security/cve/CVE-2015-4116",[118],[234],{"url":240,"sources":241,"tags":242},"https://www.suse.com/security/cve/CVE-2015-7803",[118],[234],{"url":244,"sources":245,"tags":246},"https://www.suse.com/security/cve/CVE-2015-8835",[118],[234],{"url":248,"sources":249,"tags":250},"https://www.suse.com/security/cve/CVE-2015-8838",[118],[234],{"url":252,"sources":253,"tags":254},"https://www.suse.com/security/cve/CVE-2015-8866",[118],[234],{"url":256,"sources":257,"tags":258},"https://www.suse.com/security/cve/CVE-2015-8867",[118],[234],{"url":260,"sources":261,"tags":262},"https://www.suse.com/security/cve/CVE-2015-8873",[118],[234],{"url":264,"sources":265,"tags":266},"https://www.suse.com/security/cve/CVE-2015-8874",[118],[234],{"url":268,"sources":269,"tags":270},"https://www.suse.com/security/cve/CVE-2015-8879",[118],[234],{"url":272,"sources":273,"tags":274},"https://www.suse.com/security/cve/CVE-2016-2554",[118],[234],{"url":276,"sources":277,"tags":278},"https://www.suse.com/security/cve/CVE-2016-3141",[118],[234],{"url":280,"sources":281,"tags":282},"https://www.suse.com/security/cve/CVE-2016-3142",[118],[234],{"url":284,"sources":285,"tags":286},"https://www.suse.com/security/cve/CVE-2016-3185",[118],[234],{"url":288,"sources":289,"tags":290},"https://www.suse.com/security/cve/CVE-2016-4070",[118],[234],{"url":292,"sources":293,"tags":294},"https://www.suse.com/security/cve/CVE-2016-4073",[118],[234],{"url":296,"sources":297,"tags":298},"https://www.suse.com/security/cve/CVE-2016-4342",[118],[234],{"url":300,"sources":301,"tags":302},"https://www.suse.com/security/cve/CVE-2016-4346",[118],[234],{"url":304,"sources":305,"tags":306},"https://www.suse.com/security/cve/CVE-2016-4537",[118],[234],{"url":308,"sources":309,"tags":310},"https://www.suse.com/security/cve/CVE-2016-4538",[118],[234],{"url":312,"sources":313,"tags":314},"https://www.suse.com/security/cve/CVE-2016-4539",[118],[234],{"url":316,"sources":317,"tags":318},"https://www.suse.com/security/cve/CVE-2016-4540",[118],[234],{"url":320,"sources":321,"tags":322},"https://www.suse.com/security/cve/CVE-2016-4541",[118],[234],{"url":324,"sources":325,"tags":326},"https://www.suse.com/security/cve/CVE-2016-4542",[118],[234],{"url":328,"sources":329,"tags":330},"https://www.suse.com/security/cve/CVE-2016-4543",[118],[234],{"url":332,"sources":333,"tags":334},"https://www.suse.com/security/cve/CVE-2016-4544",[118],[234],{"url":336,"sources":337,"tags":338},"https://www.suse.com/security/cve/CVE-2016-5093",[118],[234],{"url":340,"sources":341,"tags":342},"https://www.suse.com/security/cve/CVE-2016-5094",[118],[234],{"url":344,"sources":345,"tags":346},"https://www.suse.com/security/cve/CVE-2016-5095",[118],[234],{"url":348,"sources":349,"tags":350},"https://www.suse.com/security/cve/CVE-2016-5096",[118],[234],{"url":352,"sources":353,"tags":354},"https://www.suse.com/security/cve/CVE-2016-5114",[118],[234],[],[],[],[359,372,376,380,384,388,392,396],{"ecosystem":360,"name":361,"vendor":362,"product":363,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":363,"source":9,"versions":365},"SUSE Linux Enterprise","php53","suse","php53&distro=SUSE Linux Enterprise Server 11 SP3-LTSS","rpm",[366],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},"lt5_3_17_71_1",true,"ecosystem","5.3.17-71.1","excluding",{"ecosystem":360,"name":361,"vendor":362,"product":373,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":373,"source":9,"versions":374},"php53&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA",[375],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},{"ecosystem":360,"name":361,"vendor":362,"product":377,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":377,"source":9,"versions":378},"php53&distro=SUSE Linux Enterprise Server 11 SP4",[379],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},{"ecosystem":360,"name":361,"vendor":362,"product":381,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":381,"source":9,"versions":382},"php53&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4",[383],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},{"ecosystem":360,"name":361,"vendor":362,"product":385,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":385,"source":9,"versions":386},"php53&distro=SUSE Linux Enterprise Software Development Kit 11 SP4",[387],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},{"ecosystem":360,"name":361,"vendor":362,"product":389,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":389,"source":9,"versions":390},"php53&distro=SUSE Manager 2.1",[391],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},{"ecosystem":360,"name":361,"vendor":362,"product":393,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":393,"source":9,"versions":394},"php53&distro=SUSE Manager Proxy 2.1",[395],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9},{"ecosystem":360,"name":361,"vendor":362,"product":397,"cpe_part":9,"purl_type":364,"purl_namespace":362,"purl_name":397,"source":9,"versions":398},"php53&distro=SUSE OpenStack Cloud 5",[399],{"version":367,"is_range":368,"range_type":369,"version_start":9,"version_start_type":9,"version_end":370,"version_end_type":371,"fixed_in":9}]