AVG-152 log
Package | php |
Status | Fixed |
Severity | High |
Type | access restriction bypass |
Affected | 7.0.9-1 |
Fixed | 7.0.10-1 |
Current | 8.3.14-1 [extra] |
Ticket | None |
Created | Thu Jan 19 21:27:08 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2016-7125 | High | Yes | Access restriction bypass | It has been discovered that ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect... |
References |
---|
http://www.php.net/ChangeLog-7.php https://bugs.php.net/bug.php?id=72681 https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1 |