Description
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations on array data structures.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)
Restlet Framework XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2013-4221)
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-20502)