Description

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

Remediation

References

CVE-2024-11233

Related Vulnerabilities

WordPress 3.9.x Possible SQL Injection Vulnerability (3.9 - 3.9.20)

WordPress Plugin Ceceppa Multilingua Multiple Cross-Site Scripting Vulnerabilities (1.5.13)

Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2401)

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14634)

Severity

High

Classification

CVE-2024-11233 CWE-787 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Tags

Missing Update Known Vulnerabilities