CVE-2017-11142

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-11142
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11142.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-11142
Downstream
Related
Published
2017-07-10T14:29:00.557Z
Modified
2026-02-12T00:32:08.729212Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0221e9f827632942225586687a33cfd554860d5e
Last affected
038c63cdea0472176ec2fdb162cfbd96e8c5f83e
Last affected
140e2adb5ab8a5ed0624366c0416f07b8aa17254
Last affected
195427c55481d9913ac9dd3fbcedf2f7c637e6de
Last affected
249a8fd9ae2324c84ede7ecfca6f6026e6d87df6
Last affected
37eb1e4d92db3cf3f92910f27216550c0b0a9982
Last affected
4054ec69da7631046f19d54ab06f09728a208b8b
Last affected
4e1b8701573698f56e12672e4991d7e6239138d2
Last affected
60fffd296abce5fc071f3c173c25a2696cf683c6
Last affected
721bcb2b7e7d283f89c300caed54a532e7fc5ddf
Last affected
734a5fca2c4731e34eca551f28be9a10ffc3f3c9
Last affected
94933677a34de91b54ecd3cbe44770b7c204dc8a
Last affected
9abbc3cc6d0f448435ca38bef694f671bf7303d8
Last affected
9d582eba7448f1495fae62b13d95d2844ce6b28a
Last affected
a36407215f69ba2debf77933dcb3faa0c3ba2d04
Last affected
cc766d7730bdec064e32f8009154fa672b34ef9b
Last affected
da12ca9c1ed03084e6803f5e81e46f2e0a80460a
Last affected
e000b401acacd5c0e8d90ec36c2ef1c585d149a2
Last affected
e09845d32614a19188632f410316478fbb440ebd
Last affected
e2874f7bf990ed58ba6f7abccefa2c00a0447fc7
Last affected
fb59213fc461f079bc218abf44cb5e2b4db2182c

Affected versions

Other
NEWS
NEWS-cvs2svn
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_NATIVE_TLS_MERGE
POST_PHP7_EREG_MYSQL_REMOVALS
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_NATIVE_TLS_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
PRE_PHPNG_MERGE
php-5.*
php-5.3.23RC1
php-5.3.29
php-5.3.29RC1
php-5.4.30RC1
php-5.4.32RC1
php-5.4.4RC2
php-5.5.24RC1
php-5.6.18RC1
php-5.6.19RC1
php-5.6.22RC1
php-5.6.23RC1
php-5.6.24RC1
php-5.6.30
php-5.6.30RC1
php-7.*
php-7.0.0
php-7.0.0RC1
php-7.0.0RC2
php-7.0.0RC3
php-7.0.0RC4
php-7.0.0RC5
php-7.0.0RC6
php-7.0.0RC7
php-7.0.0RC8
php-7.0.0alpha1
php-7.0.0alpha2
php-7.0.0beta1
php-7.0.0beta2
php-7.0.0beta3
php-7.0.1
php-7.0.10
php-7.0.10RC1
php-7.0.11
php-7.0.11RC1
php-7.0.12
php-7.0.12RC1
php-7.0.13
php-7.0.13RC1
php-7.0.14
php-7.0.14RC1
php-7.0.15
php-7.0.15RC1
php-7.0.16
php-7.0.16RC1
php-7.0.1RC1
php-7.0.2
php-7.0.2RC1
php-7.0.3
php-7.0.3RC1
php-7.0.4
php-7.0.4RC1
php-7.0.5
php-7.0.5RC1
php-7.0.6
php-7.0.6RC1
php-7.0.7
php-7.0.7RC1
php-7.0.8
php-7.0.8RC1
php-7.0.9
php-7.0.9RC1
php-7.1.0alpha2
php-7.1.1
php-7.1.1RC1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11142.json"