{"id":"CVE-2017-5340","details":"Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.","modified":"2026-04-02T00:11:29.682293Z","published":"2017-01-11T06:59:00.160Z","related":["SUSE-SU-2017:0534-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180112-0001/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95371"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037659"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=73832"},{"type":"FIX","url":"https://github.com/php/php-src/commit/4cc0286f2f3780abc6084bcdae5dce595daa3c12"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"cc766d7730bdec064e32f8009154fa672b34ef9b"},{"introduced":"0221e9f827632942225586687a33cfd554860d5e"},{"fixed":"9abbc3cc6d0f448435ca38bef694f671bf7303d8"},{"fixed":"4cc0286f2f3780abc6084bcdae5dce595daa3c12"}],"database_specific":{"versions":[{"introduced":"7.0.0"},{"fixed":"7.0.15"},{"introduced":"7.1.0"},{"fixed":"7.1.1"}]}}],"versions":["php-7.0.0","php-7.1.0"],"database_specific":{"vanir_signatures":[{"digest":{"length":2665,"function_hash":"291942526429879441159894536430346133521"},"deprecated":false,"signature_version":"v1","target":{"file":"ext/gd/libgd/gd_gd2.c","function":"_gd2GetHeader"},"id":"CVE-2017-5340-12d1fca6","source":"https://github.com/php/php-src/commit/9abbc3cc6d0f448435ca38bef694f671bf7303d8","signature_type":"Function"},{"digest":{"threshold":0.9,"line_hashes":["302809697189148475297750884608790259821","25269136893474997921766866731112141155","176995661728580401951558063694425109185","282407999817348256037465684465485374719","27203332826222208118957196914128024108","327578526711602898995701292075519451415","101648155586618325587449013706940504782","84422741966942976358390282422869288177"]},"deprecated":false,"signature_version":"v1","target":{"file":"Zend/zend_hash.c"},"id":"CVE-2017-5340-7501d6a6","source":"https://github.com/php/php-src/commit/4cc0286f2f3780abc6084bcdae5dce595daa3c12","signature_type":"Line"},{"digest":{"length":534,"function_hash":"108479502598115741326499771321871644248"},"deprecated":false,"signature_version":"v1","target":{"file":"Zend/zend_hash.c","function":"_zend_hash_init"},"id":"CVE-2017-5340-7570f682","source":"https://github.com/php/php-src/commit/4cc0286f2f3780abc6084bcdae5dce595daa3c12","signature_type":"Function"},{"digest":{"threshold":0.9,"line_hashes":["268808390959611610380382661363715926383","332457077737297600470842301867489262455","183820387990733455444215637150999073887","296117839669516092864788658433251533836"]},"deprecated":false,"signature_version":"v1","target":{"file":"ext/gd/libgd/gd_gd2.c"},"id":"CVE-2017-5340-a887e78f","source":"https://github.com/php/php-src/commit/9abbc3cc6d0f448435ca38bef694f671bf7303d8","signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5340.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}