[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-2984-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":82,"duplicates":83,"related":84,"reserved_at":9,"published_at":102,"modified_at":103,"state":9,"summary":104,"references_raw":106,"kevs":182,"epss":9,"epss_history":183,"metrics":184,"affected":185},"USN-2984-1","php5, php7.0 vulnerabilities\n\nIt was discovered that the PHP Fileinfo component incorrectly handled\ncertain magic files. An attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865)\n\nHans Jerry Illikainen discovered that the PHP Zip extension incorrectly\nhandled certain malformed Zip archives. A remote attacker could use this\nissue to cause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS.\n(CVE-2016-3078)\n\nIt was discovered that PHP incorrectly handled invalid indexes in the\nSplDoublyLinkedList class. An attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3132)\n\nIt was discovered that the PHP rawurlencode() function incorrectly handled\nlarge strings. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n16.04 LTS. (CVE-2016-4070)\n\nIt was discovered that the PHP php_snmp_error() function incorrectly\nhandled string formatting. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4071)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilenames in archives. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4072)\n\nIt was discovered that the PHP mb_strcut() function incorrectly handled\nstring formatting. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4073)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchive files. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and\nUbuntu 15.10. (CVE-2016-4342, CVE-2016-4343)\n\nIt was discovered that the PHP bcpowmod() function incorrectly handled\nmemory. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2016-4537, CVE-2016-4538)\n\nIt was discovered that the PHP XML parser incorrectly handled certain\nmalformed XML data. A remote attacker could possibly use this issue to\ncause PHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2016-4539)\n\nIt was discovered that certain PHP grapheme functions incorrectly handled\nnegative offsets. A remote attacker could possibly use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2016-4540,\nCVE-2016-4541)\n\nIt was discovered that PHP incorrectly handled certain malformed EXIF tags.\nA remote attacker could possibly use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2016-4542, CVE-2016-4543,\nCVE-2016-4544)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80],{"_key":15},"CVE-2015-8865",{"_key":17},"CVE-2016-3078",{"_key":19},"CVE-2016-3132",{"_key":21},"CVE-2016-4070",{"_key":23},"CVE-2016-4071",{"_key":25},"CVE-2016-4072",{"_key":27},"CVE-2016-4073",{"_key":29},"CVE-2016-4342",{"_key":31},"CVE-2016-4343",{"_key":33},"CVE-2016-4537",{"_key":35},"CVE-2016-4538",{"_key":37},"CVE-2016-4539",{"_key":39},"CVE-2016-4540",{"_key":41},"CVE-2016-4541",{"_key":43},"CVE-2016-4542",{"_key":45},"CVE-2016-4543",{"_key":47},"CVE-2016-4544",{"_key":49},"UBUNTU-CVE-2015-8865",{"_key":51},"UBUNTU-CVE-2016-3078",{"_key":53},"UBUNTU-CVE-2016-3132",{"_key":55},"UBUNTU-CVE-2016-4070",{"_key":57},"UBUNTU-CVE-2016-4071",{"_key":59},"UBUNTU-CVE-2016-4072",{"_key":61},"UBUNTU-CVE-2016-4073",{"_key":63},"UBUNTU-CVE-2016-4342",{"_key":65},"UBUNTU-CVE-2016-4343",{"_key":67},"UBUNTU-CVE-2016-4537",{"_key":69},"UBUNTU-CVE-2016-4538",{"_key":71},"UBUNTU-CVE-2016-4539",{"_key":73},"UBUNTU-CVE-2016-4540",{"_key":75},"UBUNTU-CVE-2016-4541",{"_key":77},"UBUNTU-CVE-2016-4542",{"_key":79},"UBUNTU-CVE-2016-4543",{"_key":81},"UBUNTU-CVE-2016-4544",[],[],[85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101],{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},"2016-05-24T17:31:16Z","2026-04-22T09:24:48.530084Z",{"cisa_kev":105,"cisa_ransomware":105,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[107,113,118,122,126,130,134,138,142,146,150,154,158,162,166,170,174,178],{"url":108,"sources":109,"tags":111},"https://ubuntu.com/security/notices/USN-2984-1",[110],"osv_ubuntu",[112],"Advisory",{"url":114,"sources":115,"tags":116},"https://ubuntu.com/security/CVE-2015-8865",[110],[117],"REPORT",{"url":119,"sources":120,"tags":121},"https://ubuntu.com/security/CVE-2016-3078",[110],[117],{"url":123,"sources":124,"tags":125},"https://ubuntu.com/security/CVE-2016-3132",[110],[117],{"url":127,"sources":128,"tags":129},"https://ubuntu.com/security/CVE-2016-4070",[110],[117],{"url":131,"sources":132,"tags":133},"https://ubuntu.com/security/CVE-2016-4071",[110],[117],{"url":135,"sources":136,"tags":137},"https://ubuntu.com/security/CVE-2016-4072",[110],[117],{"url":139,"sources":140,"tags":141},"https://ubuntu.com/security/CVE-2016-4073",[110],[117],{"url":143,"sources":144,"tags":145},"https://ubuntu.com/security/CVE-2016-4342",[110],[117],{"url":147,"sources":148,"tags":149},"https://ubuntu.com/security/CVE-2016-4343",[110],[117],{"url":151,"sources":152,"tags":153},"https://ubuntu.com/security/CVE-2016-4537",[110],[117],{"url":155,"sources":156,"tags":157},"https://ubuntu.com/security/CVE-2016-4538",[110],[117],{"url":159,"sources":160,"tags":161},"https://ubuntu.com/security/CVE-2016-4539",[110],[117],{"url":163,"sources":164,"tags":165},"https://ubuntu.com/security/CVE-2016-4540",[110],[117],{"url":167,"sources":168,"tags":169},"https://ubuntu.com/security/CVE-2016-4541",[110],[117],{"url":171,"sources":172,"tags":173},"https://ubuntu.com/security/CVE-2016-4542",[110],[117],{"url":175,"sources":176,"tags":177},"https://ubuntu.com/security/CVE-2016-4543",[110],[117],{"url":179,"sources":180,"tags":181},"https://ubuntu.com/security/CVE-2016-4544",[110],[117],[],[],[],[186,198],{"ecosystem":187,"name":188,"vendor":189,"product":188,"cpe_part":9,"purl_type":190,"purl_namespace":189,"purl_name":188,"source":9,"versions":191},"Ubuntu","php5","ubuntu","deb",[192],{"version":193,"is_range":194,"range_type":195,"version_start":9,"version_start_type":9,"version_end":196,"version_end_type":197,"fixed_in":9},"lt5_5_9+dfsg_1ubuntu4_17",true,"ecosystem","5.5.9+dfsg-1ubuntu4.17","excluding",{"ecosystem":187,"name":199,"vendor":189,"product":199,"cpe_part":9,"purl_type":190,"purl_namespace":189,"purl_name":199,"source":9,"versions":200},"php7.0",[201],{"version":202,"is_range":194,"range_type":195,"version_start":9,"version_start_type":9,"version_end":203,"version_end_type":197,"fixed_in":9},"lt7_0_4_7ubuntu2_1","7.0.4-7ubuntu2.1"]