Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2016-9137
HistoryJan 04, 2017 - 8:59 p.m.

CVE-2016-9137

2017-01-0420:59:00
Debian Security Bug Tracker
security-tracker.debian.org
20

EPSS

0.021

Percentile

89.2%

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.

OSVersionArchitecturePackageVersionFilename
Debian9allphp7.0< 7.0.33-0+deb9u8php7.0_7.0.33-0+deb9u8_all.deb