Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23121
HistoryApr 10, 2020 - 12:16 a.m.

Denial Of Service (DoS)

2020-04-1000:16:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

php is vulnerable to denial of service. When unserializing untrusted data on 64-bit platforms, the zend_hash_init() function could be forced into an infinite loop, consuming CPU resources for a limited time, until the script timeout alarm aborted execution of the script.

References

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P