Description
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2020-2757 Vulnerability (CVE-2020-2757)
WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980)
WordPress Plugin Connections Business Directory Unspecified Vulnerability (10.4.7)