Vulners
Lucene search
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
| Reporter | Title | Published | Views | Family All 115 |
|---|---|---|---|---|
 | The vulnerability of the zend_string_extend function in the PHP interpreter allows a attacker to cause a service failure or exert other effects. | 10 Aug 201700:00 | – | bdu_fstec |
 | CVE-2017-8923 affecting package php 7.4.14-3 | 12 Jan 202509:15 | – | cbl_mariner |
 | PHP Denial of Service Vulnerability (CNVD-2017-06940) | 17 May 201700:00 | – | cnvd |
 | CVE-2017-8923 | 12 May 201720:00 | – | cve |
 | CVE-2017-8923 | 12 May 201720:00 | – | cvelist |
 | CVE-2017-8923 | 12 May 201720:00 | – | debiancve |
 | EulerOS 2.0 SP8 : php (EulerOS-SA-2022-2477) | 9 Oct 202200:00 | – | nessus |
| EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2023-2243) | 13 Jun 202300:00 | – | nessus |
| openSUSE 15 Security Update : php7 (openSUSE-SU-2022:0699-1) | 5 Mar 202200:00 | – | nessus |
| PHP 7.0.x < 7.0.19 Multiple Vulnerabilities | 25 May 201700:00 | – | nessus |
10
Node
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Oct 2025 06:11Current
9.3High risk
Vulners AI Score9.3
CVSS 27.5
CVSS 3.19.8
EPSS0.07191