Description
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
Remediation
References
Related Vulnerabilities
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7)
WebLogic CVE-2022-21564 Vulnerability (CVE-2022-21564)
WordPress Plugin Front End Upload Arbitrary File Upload (0.5.4.4)
PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10129)
WordPress Plugin Multicons [Multiple Favicons] Cross-Site Scripting (2.1)