PHP is vulnerable to denial of service(DoS) attacks. This is because an invalid free in the WDDX deserialization
of boolean parameters. An attacker could inject XML for deserialization to crash the PHP interpreter which occurs in ext/wddx/wddx.c
file.
openwall.com/lists/oss-security/2017/07/10/6
php.net/ChangeLog-5.php
www.securityfocus.com/bid/99553
access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.1_release_notes/chap-rhscl#sect-RHSCL-Changes-php
access.redhat.com/errata/RHSA-2018:1296
access.redhat.com/security/updates/classification/#moderate
bugs.php.net/bug.php?id=74145
git.php.net/?p=php-src.git;a=commit;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
security.netapp.com/advisory/ntap-20180112-0001/
www.debian.org/security/2018/dsa-4081
www.tenable.com/security/tns-2017-12