{"id":"CVE-2016-7131","details":"ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a \u003c (less than) character.","modified":"2026-04-01T23:54:26.203877Z","published":"2016-09-12T01:59:09.787Z","related":["SUSE-SU-2016:2328-1","SUSE-SU-2016:2408-1","SUSE-SU-2016:2459-1","SUSE-SU-2016:2460-1","SUSE-SU-2016:2460-2"],"references":[{"type":"ADVISORY","url":"https://www.tenable.com/security/tns-2016-19"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2750.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201611-22"},{"type":"ADVISORY","url":"http://www.php.net/ChangeLog-5.php"},{"type":"ADVISORY","url":"http://www.php.net/ChangeLog-7.php"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/92768"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1036680"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=72790"},{"type":"FIX","url":"https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f"},{"type":"FIX","url":"https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1"},{"type":"ARTICLE","url":"http://openwall.com/lists/oss-security/2016/09/02/9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"last_affected":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"introduced":"0"},{"last_affected":"4054ec69da7631046f19d54ab06f09728a208b8b"},{"introduced":"0"},{"last_affected":"038c63cdea0472176ec2fdb162cfbd96e8c5f83e"},{"introduced":"0"},{"last_affected":"4e1b8701573698f56e12672e4991d7e6239138d2"},{"introduced":"0"},{"last_affected":"e09845d32614a19188632f410316478fbb440ebd"},{"introduced":"0"},{"last_affected":"249a8fd9ae2324c84ede7ecfca6f6026e6d87df6"},{"introduced":"0"},{"last_affected":"734a5fca2c4731e34eca551f28be9a10ffc3f3c9"},{"introduced":"0"},{"last_affected":"fb59213fc461f079bc218abf44cb5e2b4db2182c"},{"introduced":"0"},{"last_affected":"a36407215f69ba2debf77933dcb3faa0c3ba2d04"},{"introduced":"0"},{"last_affected":"9d582eba7448f1495fae62b13d95d2844ce6b28a"},{"introduced":"0"},{"last_affected":"38980c9ea4156ce52a53f9f3e1007ea3d787fa11"},{"fixed":"0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f"},{"fixed":"a14fdb9746262549bbbb96abb87338bacd147e1b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"7.0.0"},{"introduced":"0"},{"last_affected":"7.0.1"},{"introduced":"0"},{"last_affected":"7.0.2"},{"introduced":"0"},{"last_affected":"7.0.3"},{"introduced":"0"},{"last_affected":"7.0.4"},{"introduced":"0"},{"last_affected":"7.0.5"},{"introduced":"0"},{"last_affected":"7.0.6"},{"introduced":"0"},{"last_affected":"7.0.7"},{"introduced":"0"},{"last_affected":"7.0.8"},{"introduced":"0"},{"last_affected":"7.0.9"},{"introduced":"0"},{"last_affected":"5.6.24"}]}}],"versions":["BEFORE_ARG_INFO","BEFORE_BIG_SYMBOL_CHANGE","BEFORE_EXP_MERGE","BEFORE_FD_REAPPLY","BEFORE_FD_REVERT","BEFORE_HANDLERS_RESHUFFLE","BEFORE_HEAD_NS_CHANGE","BEFORE_HEAD_NS_CHANGES_MERGE","BEFORE_IMPORT_OF_MYSQLND","BEFORE_IMPORT_OF_MYSQLND_IN_5_3","BEFORE_NEW_OBJECT_MODEL","BEFORE_NEW_OPERATOR_FIX","BEFORE_NEW_OUTPUT_API","BEFORE_NEW_PARAMETER_PARSE","BEFORE_NS_RULES_CHANGE","BEFORE_OBJECTS_STORE","BEFORE_PARAM_PARSING_CHANGE","BEFORE_PHP4_APACHE_MODULE_CHANGE","BEFORE_PRE_SHUTDOWN_REVERSE_PATCH","BEFORE_REAL_IMPORT_OF_MYSQLND","BEFORE_REMOVING_AI_COUNT_FINAL_STEP","BEFORE_REMOVING_GC_STEP1","BEFORE_REMOVING_GC_STEP2","BEFORE_RENAMING","BEFORE_SAPIFICATION_FEB_10_2000","BEFORE_SAPI_POST_PATCH_17_FEB_2000","BEFORE_STACK_PATCH","BEFORE_UNICODE_MERGE","CLOSED_BETA","ChangeLog","INITIAL_IMPORT_SOURCEFORGE","MODERN_SYMMETRIC_SESSION_BEHAVIOUR_20021003","NEWS","NEWS-cvs2svn","NEW_UI_API_BP","PHP-4.0-RC1","PHP-5.4.1-RC1","PHP_4_3_before_13561_fix","PHP_5_0_dev_before_13561_fix","PHP_5_2_15RC1","POST_64BIT_BRANCH_MERGE","POST_AST_MERGE","POST_NATIVE_TLS_MERGE","POST_PARAMETER_PARSING_API","POST_PHP7_EREG_MYSQL_REMOVALS","POST_PHP7_NSAPI_REMOVAL","POST_PHP7_REMOVALS","POST_PHPNG_MERGE","POST_SUBST_Z_MACROS","PRE_64BIT_BRANCH_MERGE","PRE_AST_MERGE","PRE_DELAYED_ARRAY_FETCH_PATCH","PRE_EIGHT_BYTE_ALLOC_PATCH","PRE_ENGINE2_SPLIT","PRE_FETCH_READ_PATCH","PRE_FILE_COMPILE_API_CHANGE","PRE_FUNC_RETURNS_OBJECT_PATCH","PRE_GRANULAR_GARBAGE_FIX","PRE_ISSET_PATCH","PRE_ISSET_TYPE","PRE_LIBMYSQL_REVERT","PRE_LIBZEND_TO_ZEND","PRE_METHOD_CALL_SEPERATE_FIX_PATCH","PRE_METHOD_DEREFERENCE_PATCH","PRE_NATIVE_TLS_MERGE","PRE_NEW_OCI8_EXTENSION","PRE_NEW_VM_GEN_PATCH","PRE_PARAMETER_PARSING_API","PRE_PHP7_EREG_MYSQL_REMOVALS","PRE_PHP7_NSAPI_REMOVAL","PRE_PHP7_REMOVALS","PRE_PHPNG_MERGE","PRE_RETURN_REF_MERGE","PRE_RETURN_REF_PATCH","PRE_SUBST_Z_MACROS","PRE_TSRM_MERGE_PATCH","PRE_USED_RETURN_VALUE_PATCH","PRE_ZEND_VM_DISPATCH_PATCH","RELEASE_0_1","RELEASE_0_10","RELEASE_0_11","RELEASE_0_1_1","RELEASE_0_2","RELEASE_0_2_0","RELEASE_0_2_1","RELEASE_0_2_2","RELEASE_0_2_3","RELEASE_0_2_4","RELEASE_0_3","RELEASE_0_4","RELEASE_0_5","RELEASE_0_5_2","RELEASE_0_5_3","RELEASE_0_6","RELEASE_0_7","RELEASE_0_9","RELEASE_0_90","RELEASE_0_91","RELEASE_0_9_0","RELEASE_0_9_1","RELEASE_0_9_2","RELEASE_0_9_3","RELEASE_0_9_4","RELEASE_0_9b","RELEASE_1_0","RELEASE_1_0RC1","RELEASE_1_0RC2","RELEASE_1_0_0RC1","RELEASE_1_0_1","RELEASE_1_0_2","RELEASE_1_0_3","RELEASE_1_0_4","RELEASE_1_0b1","RELEASE_1_0b2","RELEASE_1_0b3","RELEASE_1_1","RELEASE_1_1_0","RELEASE_1_1_1","RELEASE_1_2","RELEASE_1_2_0","RELEASE_1_2_1","RELEASE_1_2_2","RELEASE_1_2_3","RELEASE_1_2_4","RELEASE_1_2_5","RELEASE_1_2b5","RELEASE_1_3","RELEASE_1_3_1","RELEASE_1_3_5","RELEASE_1_3b2","RELEASE_1_3b3","RELEASE_1_3b6","RELEASE_1_4","RELEASE_1_5","RELEASE_2_0_0","RELEASE_2_0_0RC1","RELEASE_2_0_0a1","RELEASE_2_0_0a2","RELEASE_2_0_0b1","RELEASE_2_0_1","RELEASE_2_0_2","RETURN_REF_BP","SAFEGUARD_3_0_BETA1_RC1_26062002","SPL_ALPHA","SQLITE_4_3_20041227","ZEND_OPTIMIZER_B1","ZO_B1","before-sapi-split","dev","help","php-4.0.0","php-4.0.1","php-4.0.1RC","php-4.0.1RC2","php-4.0.1pl1","php-4.0.2","php-4.0.2RC1","php-4.0.3","php-4.0.3RC1","php-4.0.3RC2","php-4.0.4RC3","php-4.0.4RC4","php-4.0.4RC5","php-4.0.4RC6","php-4.0.4REL","php-4.0.4pl1","php-4.0.4pl1RC1","php-4.0.4pl1RC2","php-4.0.5","php-4.0.5RC1","php-4.0.5RC2","php-4.0.5RC3","php-4.0.5RC4","php-4.0.5RC5","php-4.0.5RC6","php-4.0.5RC7","php-4.0.5RC8","php-4.0.6","php-4.0.6RC1","php-4.0.6RC2","php-4.0.6RC3","php-4.0.6RC4","php-4.0.7RC1","php-4.0.7RC2","php-4.0.7RC3","php-4.0RC1","php-4.0RC2","php-4.0b1","php-4.0b2","php-4.0b3","php-4.0b3_RC2","php-4.0b3_RC3","php-4.0b3_RC4","php-4.0b3_RC5","php-4.0b4","php-4.0b4_rc1","php-4.0b4pl1","php-4.1.0","php-4.1.0RC1","php-4.1.0RC2","php-4.1.0RC3","php-4.1.0RC4","php-4.1.0RC5","php-4.1.1","php-4.1.2","php-4.2.0","php-4.2.0RC1","php-4.2.0RC2","php-4.2.0RC3","php-4.2.0RC4","php-4.2.1","php-4.2.1RC1","php-4.2.1RC2","php-4.2.2","php-4.2.3","php-4.2.3RC1","php-4.2.3RC2","php-4.3.0","php-4.3.0RC1","php-4.3.0RC2","php-4.3.0RC3","php-4.3.0RC4","php-4.3.0dev","php-4.3.0dev-ZendEngine2","php-4.3.0dev-ZendEngine2-Preview1","php-4.3.0dev_zend2_alpha1","php-4.3.0dev_zend2_alpha2","php-4.3.0dev_zend2_alpha3","php-4.3.0pre1","php-4.3.0pre2","php-4.3.1","php-4.3.10","php-4.3.10RC1","php-4.3.10RC2","php-4.3.11","php-4.3.11RC1","php-4.3.11RC2","php-4.3.2","php-4.3.2RC1","php-4.3.2RC2","php-4.3.2RC3","php-4.3.2RC4","php-4.3.3","php-4.3.3RC1","php-4.3.3RC2","php-4.3.3RC3","php-4.3.3RC4","php-4.3.4","php-4.3.4RC1","php-4.3.4RC2","php-4.3.4RC3","php-4.3.5","php-4.3.5RC1","php-4.3.5RC2","php-4.3.5RC3","php-4.3.5RC4","php-4.3.6","php-4.3.6RC1","php-4.3.6RC2","php-4.3.6RC3","php-4.3.7","php-4.3.7RC1","php-4.3.8","php-4.3.9","php-4.3.9RC1","php-4.3.9RC2","php-4.3.9RC3","php-4.4.0","php-4.4.0RC1","php-4.4.0RC2","php-4.4.1","php-4.4.1RC1","php-4.4.2","php-4.4.2RC1","php-4.4.2RC2","php-4.4.3","php-4.4.3RC1","php-4.4.3RC2","php-4.4.4","php-4.4.4RC1","php-4.4.5","php-4.4.5RC1","php-4.4.5RC2","php-4.4.6","php-4.4.6RC1","php-4.4.7","php-4.4.7RC1","php-4.4.8","php-4.4.8RC1","php-4.4.9","php-4.4.9RC1","php-5.0.0","php-5.0.0RC1","php-5.0.0RC1RC1","php-5.0.0RC1RC2","php-5.0.0RC2","php-5.0.0RC2RC1","php-5.0.0RC2RC2","php-5.0.0RC3","php-5.0.0RC3RC1","php-5.0.0RC3RC2","php-5.0.0RC4","php-5.0.0b1","php-5.0.0b2","php-5.0.0b2RC1","php-5.0.0b3","php-5.0.0b3RC1","php-5.0.0b3RC2","php-5.0.0b4","php-5.0.0b4RC1","php-5.0.1","php-5.0.1RC1","php-5.0.1RC2","php-5.0.1b1","php-5.0.2","php-5.0.2RC1","php-5.0.3","php-5.0.3RC1","php-5.0.3RC2","php-5.0.4","php-5.0.4RC1","php-5.0.4RC2","php-5.0.5","php-5.0.5RC1","php-5.0.5RC2","php-5.1.0","php-5.1.0RC1","php-5.1.0RC2","php-5.1.0RC2_PRE","php-5.1.0RC3","php-5.1.0RC4","php-5.1.0RC5","php-5.1.0RC6","php-5.1.0b1","php-5.1.0b2","php-5.1.0b3","php-5.1.1","php-5.1.2","php-5.1.2RC1","php-5.1.2RC2","php-5.1.3","php-5.1.3RC1","php-5.1.3RC2","php-5.1.3RC3","php-5.1.4","php-5.1.5","php-5.1.5RC1","php-5.1.6","php-5.2.0","php-5.2.0RC1","php-5.2.0RC2","php-5.2.0RC3","php-5.2.0RC4","php-5.2.0RC5","php-5.2.0RC6","php-5.2.1","php-5.2.10","php-5.2.10RC1","php-5.2.10RC2","php-5.2.11","php-5.2.11RC1","php-5.2.11RC2","php-5.2.11RC3","php-5.2.12","php-5.2.12RC1","php-5.2.12RC2","php-5.2.12RC3","php-5.2.12RC4","php-5.2.13","php-5.2.13RC1","php-5.2.13RC2","php-5.2.14","php-5.2.14RC1","php-5.2.14RC2","php-5.2.14RC3","php-5.2.15","php-5.2.15RC1","php-5.2.15RC2","php-5.2.16","php-5.2.17","php-5.2.1RC1","php-5.2.1RC2","php-5.2.1RC3","php-5.2.1RC4","php-5.2.2","php-5.2.2RC1","php-5.2.2RC2","php-5.2.3","php-5.2.3RC1","php-5.2.4","php-5.2.4RC1","php-5.2.4RC2","php-5.2.4RC3","php-5.2.5","php-5.2.5RC1","php-5.2.5RC2","php-5.2.6","php-5.2.6RC1","php-5.2.6RC2","php-5.2.6RC3","php-5.2.6RC4","php-5.2.6RC5","php-5.2.7","php-5.2.7RC1","php-5.2.7RC2","php-5.2.7RC3","php-5.2.7RC4","php-5.2.7RC5","php-5.2.8","php-5.2.9","php-5.2.9RC1","php-5.2.9RC2","php-5.2.9RC3","php-5.3.0","php-5.3.0RC1","php-5.3.0RC2","php-5.3.0RC3","php-5.3.0RC4","php-5.3.0alpha1","php-5.3.0alpha2","php-5.3.0alpha3","php-5.3.0beta1","php-5.3.1","php-5.3.10","php-5.3.11","php-5.3.11RC1","php-5.3.11RC2","php-5.3.12","php-5.3.13","php-5.3.14","php-5.3.14RC1","php-5.3.14RC2","php-5.3.15","php-5.3.15RC1","php-5.3.16","php-5.3.17","php-5.3.18","php-5.3.18RC1","php-5.3.19","php-5.3.19RC1","php-5.3.1RC1","php-5.3.1RC2","php-5.3.1RC3","php-5.3.1RC4","php-5.3.2","php-5.3.20","php-5.3.20RC1","php-5.3.21","php-5.3.21RC1","php-5.3.22","php-5.3.22RC1","php-5.3.22RC2","php-5.3.23","php-5.3.23RC1","php-5.3.24","php-5.3.24RC1","php-5.3.25","php-5.3.25RC1","php-5.3.26","php-5.3.26RC1","php-5.3.27","php-5.3.27RC1","php-5.3.28","php-5.3.29","php-5.3.29RC1","php-5.3.2RC1","php-5.3.2RC2","php-5.3.2RC3","php-5.3.3","php-5.3.3RC1","php-5.3.3RC2","php-5.3.3RC3","php-5.3.4","php-5.3.4RC1","php-5.3.4RC2","php-5.3.5","php-5.3.6","php-5.3.6RC1","php-5.3.6RC2","php-5.3.6RC3","php-5.3.7","php-5.3.7RC1","php-5.3.7RC2","php-5.3.7RC3","php-5.3.7RC4","php-5.3.7RC5","php-5.3.8","php-5.3.9","php-5.3.9RC1","php-5.3.9RC2","php-5.3.9RC3","php-5.3.9RC4","php-5.4.0","php-5.4.0RC1","php-5.4.0RC2","php-5.4.0RC3","php-5.4.0RC4","php-5.4.0RC5","php-5.4.0RC6","php-5.4.0RC7","php-5.4.0RC8","php-5.4.0alpha1","php-5.4.0alpha2","php-5.4.0alpha3","php-5.4.0beta1","php-5.4.0beta2","php-5.4.1","php-5.4.10","php-5.4.10RC1","php-5.4.11","php-5.4.11RC1","php-5.4.12","php-5.4.12RC1","php-5.4.12RC2","php-5.4.13","php-5.4.13RC1","php-5.4.14","php-5.4.14RC1","php-5.4.15","php-5.4.15RC1","php-5.4.16","php-5.4.16RC1","php-5.4.17","php-5.4.17RC1","php-5.4.18","php-5.4.18RC1","php-5.4.18RC2","php-5.4.19","php-5.4.1RC1","php-5.4.1RC2","php-5.4.2","php-5.4.20","php-5.4.20RC1","php-5.4.21","php-5.4.21RC1","php-5.4.22","php-5.4.22RC1","php-5.4.23","php-5.4.23RC1","php-5.4.24","php-5.4.24RC1","php-5.4.25","php-5.4.25RC1","php-5.4.26","php-5.4.26RC1","php-5.4.27","php-5.4.27RC1","php-5.4.28","php-5.4.28RC1","php-5.4.29","php-5.4.29RC1","php-5.4.3","php-5.4.30","php-5.4.30RC1","php-5.4.31","php-5.4.31RC1","php-5.4.32","php-5.4.32RC1","php-5.4.33","php-5.4.33RC1","php-5.4.34","php-5.4.35","php-5.4.36","php-5.4.37","php-5.4.38","php-5.4.39","php-5.4.4","php-5.4.40","php-5.4.41","php-5.4.42","php-5.4.43","php-5.4.44","php-5.4.45","php-5.4.4RC1","php-5.4.4RC2","php-5.4.5","php-5.4.5RC1","php-5.4.6","php-5.4.6RC1","php-5.4.7","php-5.4.7RC1","php-5.4.8","php-5.4.8RC1","php-5.4.9","php-5.4.9RC1","php-5.5.0","php-5.5.0RC1","php-5.5.0RC2","php-5.5.0RC3","php-5.5.0alpha1","php-5.5.0alpha2","php-5.5.0alpha3","php-5.5.0alpha4","php-5.5.0alpha5","php-5.5.0alpha6","php-5.5.0beta1","php-5.5.0beta2","php-5.5.0beta3","php-5.5.0beta4","php-5.5.1","php-5.5.10","php-5.5.10RC1","php-5.5.11","php-5.5.11RC1","php-5.5.12","php-5.5.12RC1","php-5.5.13","php-5.5.13RC1","php-5.5.14","php-5.5.14RC1","php-5.5.15","php-5.5.15RC1","php-5.5.16","php-5.5.16RC1","php-5.5.17","php-5.5.17RC1","php-5.5.18","php-5.5.18RC1","php-5.5.19","php-5.5.19RC1","php-5.5.2","php-5.5.20","php-5.5.20RC1","php-5.5.21","php-5.5.21RC1","php-5.5.22","php-5.5.22RC1","php-5.5.23","php-5.5.23RC1","php-5.5.24","php-5.5.24RC1","php-5.5.25","php-5.5.25RC1","php-5.5.26","php-5.5.26RC1","php-5.5.27","php-5.5.27RC1","php-5.5.28","php-5.5.29","php-5.5.2RC1","php-5.5.3","php-5.5.30","php-5.5.31","php-5.5.32","php-5.5.33","php-5.5.34","php-5.5.35","php-5.5.36","php-5.5.37","php-5.5.38","php-5.5.4","php-5.5.4RC1","php-5.5.5","php-5.5.5RC1","php-5.5.6","php-5.5.6RC1","php-5.5.7","php-5.5.7RC1","php-5.5.8","php-5.5.8RC1","php-5.5.9","php-5.5.9RC1","php-5.6.0","php-5.6.0RC1","php-5.6.0RC2","php-5.6.0RC3","php-5.6.0RC4","php-5.6.0alpha1","php-5.6.0alpha2","php-5.6.0alpha3","php-5.6.0beta1","php-5.6.0beta2","php-5.6.0beta3","php-5.6.0beta4","php-5.6.1","php-5.6.10","php-5.6.10RC1","php-5.6.11","php-5.6.11RC1","php-5.6.12","php-5.6.12RC1","php-5.6.13","php-5.6.13RC1","php-5.6.14","php-5.6.14RC1","php-5.6.15","php-5.6.15RC1","php-5.6.16","php-5.6.16RC1","php-5.6.17","php-5.6.17RC1","php-5.6.18","php-5.6.18RC1","php-5.6.19","php-5.6.19RC1","php-5.6.1RC1","php-5.6.2","php-5.6.20","php-5.6.20RC1","php-5.6.21","php-5.6.21RC1","php-5.6.22","php-5.6.22RC1","php-5.6.23","php-5.6.23RC1","php-5.6.24","php-5.6.24RC1","php-5.6.25","php-5.6.25RC1","php-5.6.26","php-5.6.26RC1","php-5.6.27","php-5.6.27RC1","php-5.6.28","php-5.6.28RC1","php-5.6.29","php-5.6.29RC1","php-5.6.3","php-5.6.30","php-5.6.30RC1","php-5.6.31","php-5.6.32","php-5.6.33","php-5.6.34","php-5.6.35","php-5.6.36","php-5.6.37","php-5.6.38","php-5.6.39","php-5.6.3RC1","php-5.6.4","php-5.6.40","php-5.6.4RC1","php-5.6.5","php-5.6.5RC1","php-5.6.6","php-5.6.6RC1","php-5.6.7","php-5.6.7RC1","php-5.6.8","php-5.6.8RC1","php-5.6.9","php-5.6.9RC1","php-7.0.0","php-7.0.0RC1","php-7.0.0RC2","php-7.0.0RC3","php-7.0.0RC4","php-7.0.0RC5","php-7.0.0RC6","php-7.0.0RC7","php-7.0.0RC8","php-7.0.0alpha1","php-7.0.0alpha2","php-7.0.0beta1","php-7.0.0beta2","php-7.0.0beta3","php-7.0.1","php-7.0.10","php-7.0.10RC1","php-7.0.1RC1","php-7.0.2","php-7.0.2RC1","php-7.0.3","php-7.0.3RC1","php-7.0.4","php-7.0.4RC1","php-7.0.5","php-7.0.5RC1","php-7.0.6","php-7.0.6RC1","php-7.0.7","php-7.0.7RC1","php-7.0.8","php-7.0.8RC1","php-7.0.9","php-7.0.9RC1","php-7.1.0alpha1","php-7.1.0alpha2","php-7.1.0alpha3","php-7.1.0beta1","php-7.1.0beta2","php4","php5_5_0","php_ibase_before_split","xmlrpc_epi_0_51_merge_pt"],"database_specific":{"vanir_signatures":[{"target":{"function":"php_wddx_pop_element","file":"ext/wddx/wddx.c"},"source":"https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f","signature_version":"v1","digest":{"function_hash":"243472621704310466816026209188486312828","length":3128},"id":"CVE-2016-7131-3e5d4572","deprecated":false,"signature_type":"Function"},{"target":{"file":"ext/wddx/wddx.c"},"source":"https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b","signature_version":"v1","digest":{"line_hashes":["227586690061435287287994965536507444467","171971468238865359835315510260595594604","294096788541314842492047899537980398585","39203211752148870350392571347397727161","114003824792058325898787743924612295354","324042257599249327893896841955922877651","266610581013121937022296237480834597881","117136385783754546423721084500627110644","44137497100171573864820611955448240089","153431260466363184658019689457626286979","158482252310758241378516474298821169290","173721130950342728693098650034089755027","84864854111785873586959024477215096849","188898573441791144762762604513859184083","138531317981445496527495267023563809995","263100670372584543987352143707260985591","68486984776250340094585839969057325575","148843188674208780203491168371029985762"],"threshold":0.9},"id":"CVE-2016-7131-6190c5ee","deprecated":false,"signature_type":"Line"},{"target":{"function":"php_wddx_deserialize_ex","file":"ext/wddx/wddx.c"},"source":"https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b","signature_version":"v1","digest":{"function_hash":"27721742760066615624167846450324310011","length":555},"id":"CVE-2016-7131-69699daf","deprecated":false,"signature_type":"Function"},{"target":{"file":"ext/wddx/wddx.c"},"source":"https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f","signature_version":"v1","digest":{"line_hashes":["20836660269113468284500990585186249828","222899783497892283321114778092987738633","294096788541314842492047899537980398585","39203211752148870350392571347397727161","114003824792058325898787743924612295354","324042257599249327893896841955922877651","266610581013121937022296237480834597881","98163707120487438389306192675281043703"],"threshold":0.9},"id":"CVE-2016-7131-6ae83bb8","deprecated":false,"signature_type":"Line"},{"target":{"function":"php_wddx_pop_element","file":"ext/wddx/wddx.c"},"source":"https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b","signature_version":"v1","digest":{"function_hash":"312659420719444014877092094935802353723","length":3296},"id":"CVE-2016-7131-76ddb254","deprecated":false,"signature_type":"Function"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7131.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}