Sebastian Li

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.31 PHP versions 7.x prior to 7.0.21 PHP versions 7.1.x prior to 7.1.7 **Description** The issue is related to the openssl extension in PHP, specifically with the PEM sealing code not checking the return value of the OpenSSL sealing function. This could lead to a crash of the PHP interpreter due to an interpretation conflict for a negative number. The problem is also associated with insufficient checking of unusual or exceptional states, which could allow a remote attacker to cause a denial of service. **Recommendations** For PHP versions prior to 5.6.31, update to version 5.6.31 or later. For PHP versions 7.x prior to 7.0.21, update to version 7.0.21 or later. For PHP versions 7.1.x prior to 7.1.7, update to version 7.1.7 or later.