CVE-2017-7272

PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type

GIT

Repo

https://github.com/php/php-src

Events

Introduced

Last affected

9f1492bb895ce297c660bde3fabb5e27a20a7cbd

Fixed

bab0b99f376dac9170ac81382a5ed526938d595a

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.1.3"
        }
    ]
}

Affected versions

Other

POST_64BIT_BRANCH_MERGE

POST_AST_MERGE

POST_PHP7_NSAPI_REMOVAL

POST_PHP7_REMOVALS

POST_PHPNG_MERGE

PRE_64BIT_BRANCH_MERGE

PRE_AST_MERGE

PRE_PHP7_EREG_MYSQL_REMOVALS

PRE_PHP7_NSAPI_REMOVAL

PRE_PHP7_REMOVALS

php-7.*

php-7.1.3

php-7.1.3RC1

Database specific

vanir_signatures

[
    {
        "id": "CVE-2017-7272-0367c050",
        "signature_version": "v1",
        "source": "https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a",
        "signature_type": "Function",
        "target": {
            "file": "main/streams/xp_socket.c",
            "function": "parse_ip_address_ex"
        },
        "digest": {
            "function_hash": "25954418537993354906810679751706881010",
            "length": 813.0
        },
        "deprecated": false
    },
    {
        "id": "CVE-2017-7272-dd7e2968",
        "signature_version": "v1",
        "source": "https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a",
        "signature_type": "Line",
        "target": {
            "file": "main/streams/xp_socket.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "96925839583532923982964231240844440937",
                "58623572596228789776196651253671782112",
                "135633014013098575755473646959568394835",
                "166067641592944639392872254756214638324",
                "100267658189387310072607059763441990347",
                "327358159792768892130981194478376054044",
                "851378121682662920468238894861988364",
                "314577343906733442472633894765041464525",
                "290488536648167433946729631960172792882",
                "304277819284939497559048954425926759404",
                "45361655755660409058900151378956781579",
                "98380177259299385082119401059192850571",
                "140857132125336533406313044813972857154",
                "138930420433345886720982775165105305311",
                "129429535438291653056969661213468792129",
                "150705046247528685625465905092658606036",
                "98721154362060048170613768024767904140",
                "186325265072741337767185550146872526890",
                "258922995148387736732108437600871178305",
                "295665630112481776732720450406535204466",
                "177770387157668607946762550750247977680",
                "215979603786398871912267452495927398013",
                "58699980153549850152597795615477593300",
                "179313615582318253927815754520587468813",
                "76616369875822220412912373158154491791",
                "42934769745497914088808172732736984029",
                "45502358789397159925983817023527663213",
                "279942236296071536843151426932711459991",
                "76307502023617010035481115789412140546",
                "6548854012503520523054358386376574142",
                "126808480897197276431818706293417770633"
            ]
        },
        "deprecated": false
    }
]

vanir_signatures_modified

"2026-04-11T04:14:42Z"

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7272.json"