CVE-2016-3171
- Source
- https://cve.org/CVERecord?id=CVE-2016-3171
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3171.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-3171
- Aliases
- Published
- 2016-04-12T15:59:08.963Z
- Modified
- 2026-04-10T03:50:51.894585Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
- References
Affected packages
Git / github.com/drupal/drupal
Affected ranges
- Type
- GIT
- Repo
- https://github.com/drupal/drupal
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "6.0" }, { "introduced": "0" }, { "last_affected": "6.0-dev" }, { "introduced": "0" }, { "last_affected": "6.1" }, { "introduced": "0" }, { "last_affected": "6.2" }, { "introduced": "0" }, { "last_affected": "6.3" }, { "introduced": "0" }, { "last_affected": "6.4" }, { "introduced": "0" }, { "last_affected": "6.5" }, { "introduced": "0" }, { "last_affected": "6.6" }, { "introduced": "0" }, { "last_affected": "6.7" }, { "introduced": "0" }, { "last_affected": "6.8" }, { "introduced": "0" }, { "last_affected": "6.9" }, { "introduced": "0" }, { "last_affected": "6.10" }, { "introduced": "0" }, { "last_affected": "6.11" }, { "introduced": "0" }, { "last_affected": "6.12" }, { "introduced": "0" }, { "last_affected": "6.13" }, { "introduced": "0" }, { "last_affected": "6.14" }, { "introduced": "0" }, { "last_affected": "6.15" }, { "introduced": "0" }, { "last_affected": "6.16" }, { "introduced": "0" }, { "last_affected": "6.17" }, { "introduced": "0" }, { "last_affected": "6.18" }, { "introduced": "0" }, { "last_affected": "6.19" }, { "introduced": "0" }, { "last_affected": "6.20" }, { "introduced": "0" }, { "last_affected": "6.21" }, { "introduced": "0" }, { "last_affected": "6.22" }, { "introduced": "0" }, { "last_affected": "6.23" }, { "introduced": "0" }, { "last_affected": "6.24" }, { "introduced": "0" }, { "last_affected": "6.25" }, { "introduced": "0" }, { "last_affected": "6.26" }, { "introduced": "0" }, { "last_affected": "6.27" }, { "introduced": "0" }, { "last_affected": "6.28" }, { "introduced": "0" }, { "last_affected": "6.29" }, { "introduced": "0" }, { "last_affected": "6.30" }, { "introduced": "0" }, { "last_affected": "6.31" }, { "introduced": "0" }, { "last_affected": "6.32" }, { "introduced": "0" }, { "last_affected": "6.33" }, { "introduced": "0" }, { "last_affected": "6.34" }, { "introduced": "0" }, { "last_affected": "6.35" }, { "introduced": "0" }, { "last_affected": "6.36" }, { "introduced": "0" }, { "last_affected": "6.37" } ] }
- Type
- GIT
- Repo
- https://github.com/php/php-src
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "7.0" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }
Affected versions
1.*
1.0
2.*
2.0
3.*
3.0.1
5.*
5.0-beta-1
5.0-beta-2
5.0-rc-1
5.0-rc-2
6.*
6.0
6.0-beta-1
6.0-beta-2
6.0-beta-3
6.0-beta-4
6.0-rc-1
6.0-rc-2
6.0-rc-3
6.0-rc-4
6.1
6.10
6.11
6.12
6.13
6.14
6.15
6.16
6.17
6.18
6.19
6.2
6.20
6.21
6.22
6.23
6.24
6.25
6.26
6.27
6.28
6.29
6.3
6.30
6.31
6.32
6.33
6.34
6.35
6.36
6.37
6.4
6.5
6.6
6.7
6.8
6.9
Other
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
start
php-7.*
php-7.0.0
php-7.0.0RC1
php-7.0.0RC2
php-7.0.0RC3
php-7.0.0RC4
php-7.0.0RC5
php-7.0.0RC6
php-7.0.0RC7
php-7.0.0RC8
php-7.0.0alpha1
php-7.0.0alpha2
php-7.0.0beta1
php-7.0.0beta2
php-7.0.0beta3
php-8.*
php-8.0.0
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3171.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc4"
}
]
}
]