Updated: 2024-11-30 05:21:32.698236
Description:
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | CRITICAL | 9.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| EL 6 PHP | php | 5.5 | 9.8 | CRITICAL | Released | CLSA-2025:1740162258 | 2025-02-22 01:11:32 | |
| EL 6 PHP | php | 8.1 | 9.8 | CRITICAL | Not Vulnerable | 2025-01-13 23:38:11 | ||
| EL 6 PHP | php | 7.4 | 9.8 | CRITICAL | Released | CLSA-2025:1740177748 | 2025-02-23 00:18:44 | |
| EL 6 PHP | php | 8.2 | 9.8 | CRITICAL | Not Vulnerable | 2025-01-13 23:38:12 | ||
| EL 6 PHP | php | 7.3 | 9.8 | CRITICAL | Released | CLSA-2025:1740176454 | 2025-02-23 00:18:56 | |
| EL 6 PHP | php | 8.0 | 9.8 | CRITICAL | Released | CLSA-2025:1740178949 | 2025-02-23 01:08:42 | |
| EL 6 PHP | php | 7.1 | 9.8 | CRITICAL | Released | CLSA-2025:1740159770 | 2025-02-22 01:11:19 | |
| EL 6 PHP | php | 5.6 | 9.8 | CRITICAL | Released | CLSA-2025:1740145476 | 2025-02-22 01:11:22 | |
| EL 6 PHP | php | 7.0 | 9.8 | CRITICAL | Released | CLSA-2025:1740158317 | 2025-02-22 01:11:20 | |
| EL 6 PHP | php | 5.4 | 9.8 | CRITICAL | Released | CLSA-2025:1740161759 | 2025-02-22 02:02:18 |