Описание
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| php7.3 | not-affected | package | ||
| php7.2 | not-affected | package | ||
| php7.1 | not-affected | package | ||
| php7.0 | not-affected | package | ||
| php5 | not-affected | package |
Примечания
https://bugs.php.net/bug.php?id=77177
EPSS
Связанные уязвимости
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
Уязвимость компонента ext/standard/var_unserializer.c интерпретатора языка программирования PHP , позволяющая нарушителю вызвать отказ в обслуживании
EPSS