Updated: 2025-11-10 00:36:05.592523
Description:
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 8.2 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | php | 8.0.30 | 8.2 | HIGH | Released | CLSA-2025:1737465408 | 2025-01-22 01:34:45 | |
| CentOS 6 ELS | php | 5.3.3 | 8.2 | HIGH | Released | CLSA-2024:1733421975 | 2024-12-16 11:56:45 | |
| CentOS 7 ELS | php | 5.4.16 | 8.2 | HIGH | Released | CLSA-2024:1733246329 | 2024-12-12 11:56:11 | |
| CentOS 8.4 ELS | php | 7.4.6 | 8.2 | HIGH | Released | CLSA-2024:1734368527 | 2024-12-16 13:22:51 | |
| CentOS 8.5 ELS | php | 7.4.19 | 8.2 | HIGH | Released | CLSA-2024:1733422173 | 2024-12-05 13:20:50 | |
| CentOS Stream 8 ELS | php | 7.2.24 | 8.2 | HIGH | Released | CLSA-2024:1733908995 | 2024-12-11 12:03:20 | |
| CloudLinux 6 ELS | php | 5.3.3 | 8.2 | HIGH | Released | CLSA-2024:1733909234 | 2024-12-25 23:22:34 | |
| CloudLinux 7 ELS | php | 5.4.16 | 8.2 | HIGH | Released | CLSA-2024:1733246354 | 2024-12-12 11:56:11 | |
| Debian 10 ELS | php | 7.3 | 8.2 | HIGH | Released | CLSA-2025:1761577285 | 2025-10-28 00:36:44 | |
| Oracle Linux 6 ELS | php | 5.3.3 | 8.2 | HIGH | Released | CLSA-2024:1734543983 | 2024-12-18 22:57:52 |