CVE-2018-15503

The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the deserialization process. An attacker can craft a serialized object to exploit this vulnerability and cause a SEGV.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:swoole:swoole:4.0.4:*:*:*:*:*:*:*

Information

Published : 2018-08-17 19:29

Updated : 2018-11-08 12:49


NVD link : CVE-2018-15503

Mitre link : CVE-2018-15503


JSON object : View

CWE
CWE-502

Deserialization of Untrusted Data

Advertisement

dedicated server usa

Products Affected

swoole

  • swoole