Description
An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data.
Remediation
References
Related Vulnerabilities
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592)
WordPress Plugin WP Header Images Cross-Site Scripting (2.0.0)
WordPress Improper Input Validation Vulnerability (CVE-2016-9263)
Plone CMS CVE-2011-3587 Vulnerability (CVE-2011-3587)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1184)