Synopsis
PHP 7.0.x < 7.0.23 Heap User After Free Vulnerability
Description
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.23 or 7.1.x prior to 7.1.9, therefore, affected by a heap user after free vulnerability when unserializing invalid array size.
Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to PHP version 7.0.23 or later.