{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"critical"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2016-10045","title":"Title"},{"category":"description","text":"The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2016-10045","url":"https://www.suse.com/security/cve/CVE-2016-10045"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1021046 for CVE-2016-10045","url":"https://bugzilla.suse.com/1021046"}],"title":"SUSE CVE CVE-2016-10045","tracking":{"current_release_date":"2025-02-18T15:34:15Z","generator":{"date":"2023-02-15T04:54:29Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2016-10045","initial_release_date":"2023-02-15T04:54:29Z","revision_history":[{"date":"2023-02-15T04:54:29Z","number":"2","summary":"Current version"},{"date":"2025-01-01T09:25:06Z","number":"3","summary":"Current version"},{"date":"2025-02-18T15:34:15Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}