CVE-2017-11142 — Vulnetix

Try Vulnetix Request Demo

CVE-2017-11142 REJECTED

In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.

EPSS 50.03% · 97.8th percentile

Risk Scores

EPSS Score

50.03%

97.8th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	php7.0	0, 7.0.1-5, 7.0.1-6

Timeline

Jul 10, 2017 CVE Published
Apr 14, 2021 EPSS Score
May 8, 2023 EPSS Score
Jul 22, 2024 EPSS Score
Aug 5, 2024 CVE Updated
Dec 17, 2024 EPSS Score
Mar 17, 2025 EPSS Score
Mar 20, 2025 EPSS Score
Mar 26, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Apr 3, 2025 EPSS Score
Apr 4, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2017-11142 third-party-advisory
http://openwall.com/lists/oss-security/2017/07/10/6 third-party-advisory
http://php.net/ChangeLog-5.php third-party-advisory
http://php.net/ChangeLog-7.php third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2017-11142 third-party-advisory

Open in Interactive Console →