vulnerability
Debian: CVE-2017-11143: php5, php7.0 -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jul 10, 2017 | Jan 10, 2018 | Nov 27, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jul 10, 2017
Added
Jan 10, 2018
Modified
Nov 27, 2024
Description
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
Solution(s)
debian-upgrade-php5debian-upgrade-php7-0

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.