2 matches found
PT-2022-8903 · Js-Ini · Js-Ini
Name of the Vulnerable Software and Affected Versions: js-ini versions prior to 1.3.0 Description: The issue arises when an attacker submits a malicious INI file to an application that uses the parse function to parse it. This can lead to prototype pollution on the application, which can be furth...
UBUNTU-CVE-2017-11628
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...