CVE-2017-9118

Updated: 2025-08-20 01:37:47.427122

Description:

PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5.0
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
Alpine Linux 3.22 php 7.3 7.5 HIGH Released CLSA-2026:1771245338 2026-02-16 14:41:18
Alpine Linux 3.22 php 7.4 7.5 HIGH Not Vulnerable 2026-01-23 13:40:04
Alpine Linux 3.22 php 8.1 7.5 HIGH Already Fixed 2026-02-18 11:30:42
Debian 10 php 8.0 7.5 HIGH Already Fixed 2025-09-03 16:02:31
Debian 10 php 5.6 7.5 HIGH Not Vulnerable 2025-09-12 17:49:22
Debian 10 php 7.3 7.5 HIGH Already Fixed 2025-05-02 03:50:11
Debian 10 php 8.2 7.5 HIGH Already Fixed 2025-09-03 16:02:30
Debian 10 php 8.1 7.5 HIGH Already Fixed 2025-09-03 16:02:31
Debian 10 php 7.0 7.5 HIGH Already Fixed 2025-05-02 03:50:11
Debian 10 php 7.1 7.5 HIGH Already Fixed 2025-05-02 03:50:11
Total: 140