Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-11144

Опубликовано: 10 июл. 2017
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 5
CVSS3: 7.5

Описание

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

5.5.9+dfsg-1ubuntu4.22
precise/esm

not-affected

5.3.10-1ubuntu3.28
trusty

released

5.5.9+dfsg-1ubuntu4.22
trusty/esm

not-affected

5.5.9+dfsg-1ubuntu4.22
upstream

released

5.6.31
vivid/ubuntu-core

DNE

xenial

DNE

yakkety

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

7.0.22-0ubuntu0.16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.0.21
vivid/ubuntu-core

DNE

xenial

released

7.0.22-0ubuntu0.16.04.1

Показывать по

РелизСтатусПримечание
artful

released

7.1.8-1ubuntu1
devel

released

7.1.8-1ubuntu1
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.1.7
vivid/ubuntu-core

DNE

xenial

DNE

yakkety

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%
0.16583
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-11144

CVSS3: 5.9
redhat
около 8 лет назад

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

nvd логотип

CVE-2017-11144

CVSS3: 7.5
nvd
почти 8 лет назад

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

debian логотип

CVE-2017-11144

CVSS3: 7.5
debian
почти 8 лет назад

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the o ...

github логотип

GHSA-99qx-86wf-8f3j

CVSS3: 7.5
github
около 3 лет назад

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

fstec логотип

BDU:2022-02424

CVSS3: 7.5
fstec
почти 8 лет назад

Уязвимость расширения openssl (ext/openssl/openssl.c) интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 95%
0.16583
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Уязвимость CVE-2017-11144