PHP 8.3.8

CPE Details

PHP 8.3.8
8.3.8
2024-06-12
14h14 +00:00
2024-06-12
14h14 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:php:php:8.3.8:-:*:*:*:*:*:*

Informations

Vendor

php

Product

php

Version

8.3.8

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-11233 2024-11-24 01h08 +00:00 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.
8.2
High
CVE-2024-11234 2024-11-24 00h57 +00:00 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.
7.2
High
CVE-2024-11236 2024-11-24 00h44 +00:00 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
9.8
Critical
CVE-2013-2220 2013-07-31 10h00 +00:00 Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
7.5
CVE-2007-3205 2007-06-13 08h00 +00:00 The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
5