Updated: 2025-11-10 00:36:05.592523
Description:
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 8.2 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Oracle Linux 7 ELS | php | 5.4.16 | 8.2 | HIGH | Released | CLSA-2024:1733429914 | 2024-12-05 16:22:02 | |
| RHEL 7 ELS | php | 5.4.16 | 8.2 | HIGH | Released | CLSA-2025:1748639500 | 2025-06-02 16:07:01 | |
| Ubuntu 16.04 ELS | php | 7.0.33 | 8.2 | HIGH | Released | CLSA-2024:1735310784 | 2024-12-27 22:25:22 | |
| Ubuntu 18.04 ELS | php | 7.2.24-0 | 8.2 | HIGH | Released | CLSA-2024:1735065830 | 2024-12-24 22:09:08 |