VYPR
Critical severity9.1NVD Advisory· Published Jul 10, 2017· Updated Jun 17, 2026

CVE-2017-11147

CVE-2017-11147

Description

In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.