CVE-2017-11144

Source
https://cve.org/CVERecord?id=CVE-2017-11144
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11144.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-11144
Downstream
Related
Published
2017-07-10T14:29:00.620Z
Modified
2026-07-08T10:54:26.286644Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
Last affected
Database specific
{
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "cpe": [
        "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:php:php:7.1.6:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.6.30"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "last_affected": "7.0.0"
        },
        {
            "introduced": "7.0.1"
        },
        {
            "last_affected": "7.0.1"
        },
        {
            "introduced": "7.0.2"
        },
        {
            "last_affected": "7.0.2"
        },
        {
            "introduced": "7.0.3"
        },
        {
            "last_affected": "7.0.3"
        },
        {
            "introduced": "7.0.4"
        },
        {
            "last_affected": "7.0.4"
        },
        {
            "introduced": "7.0.5"
        },
        {
            "last_affected": "7.0.5"
        },
        {
            "introduced": "7.0.6"
        },
        {
            "last_affected": "7.0.6"
        },
        {
            "introduced": "7.0.7"
        },
        {
            "last_affected": "7.0.7"
        },
        {
            "introduced": "7.0.8"
        },
        {
            "last_affected": "7.0.8"
        },
        {
            "introduced": "7.0.9"
        },
        {
            "last_affected": "7.0.9"
        },
        {
            "introduced": "7.0.10"
        },
        {
            "last_affected": "7.0.10"
        },
        {
            "introduced": "7.0.11"
        },
        {
            "last_affected": "7.0.11"
        },
        {
            "introduced": "7.0.12"
        },
        {
            "last_affected": "7.0.12"
        },
        {
            "introduced": "7.0.13"
        },
        {
            "last_affected": "7.0.13"
        },
        {
            "introduced": "7.0.14"
        },
        {
            "last_affected": "7.0.14"
        },
        {
            "introduced": "7.0.15"
        },
        {
            "last_affected": "7.0.15"
        },
        {
            "introduced": "7.0.16"
        },
        {
            "last_affected": "7.0.16"
        },
        {
            "introduced": "7.0.17"
        },
        {
            "last_affected": "7.0.17"
        },
        {
            "introduced": "7.0.18"
        },
        {
            "last_affected": "7.0.18"
        },
        {
            "introduced": "7.0.19"
        },
        {
            "last_affected": "7.0.19"
        },
        {
            "introduced": "7.0.20"
        },
        {
            "last_affected": "7.0.20"
        },
        {
            "introduced": "7.1.0"
        },
        {
            "last_affected": "7.1.0"
        },
        {
            "introduced": "7.1.1"
        },
        {
            "last_affected": "7.1.1"
        },
        {
            "introduced": "7.1.2"
        },
        {
            "last_affected": "7.1.2"
        },
        {
            "introduced": "7.1.3"
        },
        {
            "last_affected": "7.1.3"
        },
        {
            "introduced": "7.1.4"
        },
        {
            "last_affected": "7.1.4"
        },
        {
            "introduced": "7.1.5"
        },
        {
            "last_affected": "7.1.5"
        },
        {
            "introduced": "7.1.6"
        },
        {
            "last_affected": "7.1.6"
        }
    ]
}

Affected versions

7.*
7.0.0
7.0.1
7.0.10
7.0.11
7.0.12
7.0.13
7.0.14
7.0.15
7.0.16
7.0.17
7.0.18
7.0.19
7.0.2
7.0.20
7.0.3
7.0.4
7.0.5
7.0.6
7.0.7
7.0.8
7.0.9
7.1.0
7.1.1
7.1.2
7.1.3
7.1.4
7.1.5
7.1.6
Other
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
php-5.*
php-5.6.30
php-5.6.30RC1
php-7.*
php-7.1.6
php-7.1.6RC1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11144.json"