Description PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. Remediation References CVE-2017-9118 Related Vulnerabilities WordPress Plugin User Activity Security Bypass (1.0.1) Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901) Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7945) WordPress Plugin VR Calendar Cross-Site Request Forgery (2.3.3) WordPress Plugin SL User Create Information Disclosure (0.2.4) Severity High Classification CVE-2017-9118 CWE-125 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Tags Missing Update Known Vulnerabilities