Search for packages
| purl | pkg:deb/debian/xmlrpc-epi@0.54.2-1 |
| Next non-vulnerable version | 0.54.2-1.2 |
| Latest non-vulnerable version | 0.54.2-1.2 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-vqw1-fjuz-aaap
Aliases: CVE-2016-6296 |
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T11:31:21.126973+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T00:26:34.574399+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | None | 36.1.3 |
| 2025-06-08T04:51:18.615682+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T17:49:18.093719+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | None | 36.1.0 |
| 2025-04-12T20:35:41.914630+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T03:22:28.948043+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T16:25:51.760773+00:00 | Debian Oval Importer | Affected by | VCID-vqw1-fjuz-aaap | None | 36.0.0 |