0.01 Low
EPSS
Percentile
83.4%
In all versions of PHP 7, during the unserialization process, resizing the ‘properties’ hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
bugzilla.redhat.com/show_bug.cgi?id=1412686