CVE-2024-11233

Updated: 2024-11-26 19:54:06.044214

Description:

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 8.2

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

EL 6 PHP php 5.4 8.2 HIGH In Testing 2024-12-23 22:29:01
EL 6 PHP php 8.0 8.2 HIGH In Testing 2025-01-13 23:37:57
EL 6 PHP php 8.2 8.2 HIGH Not Vulnerable 2025-01-13 23:37:56
EL 6 PHP php 8.1 8.2 HIGH Not Vulnerable 2025-01-13 23:37:55
EL 6 PHP php 7.1 8.2 HIGH In Testing 2025-01-08 23:37:05
EL 6 PHP php 5.1 8.2 HIGH In Testing 2025-01-08 23:37:14
EL 6 PHP php 7.0 8.2 HIGH In Testing 2025-01-08 23:37:05
EL 6 PHP php 7.3 8.2 HIGH In Testing 2025-01-08 23:37:14
EL 6 PHP php 7.2 8.2 HIGH In Testing 2025-01-08 23:37:14
EL 6 PHP php 5.2 8.2 HIGH In Testing 2025-01-08 23:37:14
Total: 86