---

CVE-2016-7478 - log back

CVE-2016-7478 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Denial of service
Description	+ Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, which refers to itself as the previous exception and causing exception::__toString to never to terminate.
References	+ https://bugs.php.net/bug.php?id=73093
Notes