Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-jp9f-r2q5-mv5q

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834.

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834.

Ссылки

EPSS

Процентиль: 74%
0.00842
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2016-9936

Дефекты

CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2016-9936

CVSS3: 9.8
ubuntu
больше 8 лет назад

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834.

redhat логотип

CVE-2016-9936

CVSS3: 7.5
redhat
больше 8 лет назад

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834.

nvd логотип

CVE-2016-9936

CVSS3: 9.8
nvd
больше 8 лет назад

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834.

debian логотип

CVE-2016-9936

CVSS3: 9.8
debian
больше 8 лет назад

The unserialize implementation in ext/standard/var.c in PHP 7.x before ...

fstec логотип

BDU:2017-01660

fstec
больше 8 лет назад

Уязвимость реализации компонентов в ext/standard/var.c интерпретатора PHP, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

EPSS

Процентиль: 74%
0.00842
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2016-9936

Дефекты

CWE-416