VYPR
Critical severity9.8NVD Advisory· Published Aug 18, 2017· Updated Jun 17, 2026

CVE-2017-12933

CVE-2017-12933

Description

The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

39

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.