9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.0%
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x
before 5.1.3 can cause zend_hash_del to delete the wrong element, which
prevents a variable from being unset even when the PHP unset function is
called, which might cause the variable’s value to be used in
security-relevant operations.