{"url":"http://public2.vulnerablecode.io/api/packages/78090?format=json","purl":"pkg:ebuild/dev-lang/php@5.6.30","type":"ebuild","namespace":"dev-lang","name":"php","version":"5.6.30","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.6.31","latest_non_vulnerable_version":"8.3.12","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49944?format=json","vulnerability_id":"VCID-8j2y-daty-zudk","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could lead to arbitrary code execution or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10159.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10159.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10159","reference_id":"","reference_type":"","scores":[{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92116","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92124","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.9213","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92135","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92146","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92154","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.9216","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92158","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92161","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92159","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92169","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92182","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.9219","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92194","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92201","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08084","scoring_system":"epss","scoring_elements":"0.92221","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419020","reference_id":"1419020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419020"},{"reference_url":"https://security.gentoo.org/glsa/201702-29","reference_id":"GLSA-201702-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78090?format=json","purl":"pkg:ebuild/dev-lang/php@5.6.30","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.30"}],"aliases":["CVE-2016-10159"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8j2y-daty-zudk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49946?format=json","vulnerability_id":"VCID-bd4w-by3u-e3d7","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could lead to arbitrary code execution or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10161.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10161","reference_id":"","reference_type":"","scores":[{"value":"0.14173","scoring_system":"epss","scoring_elements":"0.9445","published_at":"2026-05-14T12:55:00Z"},{"value":"0.14173","scoring_system":"epss","scoring_elements":"0.94424","published_at":"2026-05-09T12:55:00Z"},{"value":"0.14173","scoring_system":"epss","scoring_elements":"0.94431","published_at":"2026-05-11T12:55:00Z"},{"value":"0.14173","scoring_system":"epss","scoring_elements":"0.94438","published_at":"2026-05-12T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94457","published_at":"2026-04-04T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94472","published_at":"2026-04-09T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94476","published_at":"2026-04-11T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94492","published_at":"2026-04-16T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94496","published_at":"2026-04-18T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94499","published_at":"2026-04-29T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.945","published_at":"2026-04-24T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94498","published_at":"2026-04-26T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94512","published_at":"2026-05-07T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94442","published_at":"2026-04-01T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94459","published_at":"2026-04-07T12:55:00Z"},{"value":"0.14631","scoring_system":"epss","scoring_elements":"0.94449","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419010","reference_id":"1419010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419010"},{"reference_url":"https://security.gentoo.org/glsa/201702-29","reference_id":"GLSA-201702-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78090?format=json","purl":"pkg:ebuild/dev-lang/php@5.6.30","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.30"}],"aliases":["CVE-2016-10161"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bd4w-by3u-e3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49945?format=json","vulnerability_id":"VCID-bp86-bwju-hfck","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could lead to arbitrary code execution or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10160.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10160","reference_id":"","reference_type":"","scores":[{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89314","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89319","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89332","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89334","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89355","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89364","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89357","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89371","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89368","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89386","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89391","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89394","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89403","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89421","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89434","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89433","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89443","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04701","scoring_system":"epss","scoring_elements":"0.89464","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419018","reference_id":"1419018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419018"},{"reference_url":"https://security.gentoo.org/glsa/201702-29","reference_id":"GLSA-201702-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78090?format=json","purl":"pkg:ebuild/dev-lang/php@5.6.30","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.30"}],"aliases":["CVE-2016-10160"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bp86-bwju-hfck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49943?format=json","vulnerability_id":"VCID-btsv-fsh6-t7de","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could lead to arbitrary code execution or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10158.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10158","reference_id":"","reference_type":"","scores":[{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89655","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89658","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89698","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89705","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89704","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89713","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89714","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89709","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89724","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89726","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89737","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89752","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89763","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89759","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89768","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04988","scoring_system":"epss","scoring_elements":"0.89786","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419015","reference_id":"1419015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1419015"},{"reference_url":"https://security.gentoo.org/glsa/201702-29","reference_id":"GLSA-201702-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78090?format=json","purl":"pkg:ebuild/dev-lang/php@5.6.30","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.30"}],"aliases":["CVE-2016-10158"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-btsv-fsh6-t7de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49947?format=json","vulnerability_id":"VCID-fkxn-xery-yfav","summary":"Multiple vulnerabilities have been found in PHP, the worst of which\n    could lead to arbitrary code execution or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9935.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9935","reference_id":"","reference_type":"","scores":[{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89088","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89062","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89071","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88951","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88967","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.8897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88993","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89005","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89001","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.88999","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89013","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89011","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89007","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89023","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89034","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89041","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89056","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04393","scoring_system":"epss","scoring_elements":"0.89067","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404731","reference_id":"1404731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404731"},{"reference_url":"https://security.archlinux.org/ASA-201701-28","reference_id":"ASA-201701-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-28"},{"reference_url":"https://security.archlinux.org/AVG-105","reference_id":"AVG-105","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-105"},{"reference_url":"https://security.gentoo.org/glsa/201702-29","reference_id":"GLSA-201702-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://usn.ubuntu.com/3196-1/","reference_id":"USN-3196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3196-1/"},{"reference_url":"https://usn.ubuntu.com/3211-1/","reference_id":"USN-3211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3211-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78090?format=json","purl":"pkg:ebuild/dev-lang/php@5.6.30","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.30"}],"aliases":["CVE-2016-9935"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkxn-xery-yfav"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.30"}