mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
762 B
762 B
CVE-2018-15503
Description
The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the deserialization process. An attacker can craft a serialized object to exploit this vulnerability and cause a SEGV.
POC
Reference
- https://x-c3ll.github.io/posts/swoole-deserialization-cve-2018-15503/
- https://x-c3ll.github.io/posts/swoole-deserialization-cve-2018-15503/
Github
No PoCs found on GitHub currently.