CVE-2024-11233
Single byte overread with convert.quoted-printable-decode filter) ORDER BY 1695-- MXbN
Publication Date | 2024-11-23 |
---|---|
Severity | Critical |
Type | Cross-Site Request Forgery |
Affected PHP Versions |
|
Fixed Product Versions |
|
CVE Details
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.
Recommendations
We recommend upgrading to a known patched version of PHP.