SUSE-SU-2017:2518-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2017-12933

Published: 18 Sept 2017, 09:40

Last modified:04 Feb 2026, 03:50

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Sept 2017, 09:40

Published

Vulnerability first disclosed

04 Feb 2026, 03:50

Last Modified

Vulnerability information updated

Description

Security update for php5 This update for php5 fixes on issues. This security issue was fixed: - CVE-2017-12933: The finish_nested_data function in ext/standard/var_unserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the integrity of PHP (bsc#1054430)

Affected Systems

suse•php5&distro=SUSE Linux Enterprise Module for Web and Scripting 12
< 5.5.14-109.8.2
suse•php5&distro=SUSE Linux Enterprise Software Development Kit 12 SP2
< 5.5.14-109.8.2
suse•php5&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
< 5.5.14-109.8.2

SUSE-SU-2017:2518-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)