Description
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
Remediation
References
Related Vulnerabilities
WordPress Plugin Media Library Assistant PHP Object Injection (2.60)
WordPress Plugin RapidLoad Power-Up for Autoptimize Multiple Vulnerabilities (1.7.1)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32028)
Apache HTTP Server CVE-2024-40725 Vulnerability (CVE-2024-40725)