Описание
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 5.5.9+dfsg-1ubuntu4.21 |
| precise | released | 5.3.10-1ubuntu3.26 |
| trusty | released | 5.5.9+dfsg-1ubuntu4.21 |
| trusty/esm | not-affected | 5.5.9+dfsg-1ubuntu4.21 |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE | |
| yakkety | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 7.0.15-1ubuntu2 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 7.0.15-0ubuntu0.16.04.2 |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 7.0.15 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 7.0.15-0ubuntu0.16.04.2 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
In all versions of PHP 7, during the unserialization process, resizing ...
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
Уязвимость интерпретатора PHP, позволяющая нарушителю выполнить произвольный код
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3