CVE-2024-11233
CVSS 3.1 Score 8.2 of 10 (high)
Details
Published Nov 24, 2024
Updated: Nov 26, 2024
CWE ID 787
CWE ID 122
Summary
CVE-2024-11233 is a vulnerability affecting PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14. This issue arises due to an error in the convert.quoted-printable-decode filter. Specific data can cause a buffer overread by one byte, resulting in crashes or potentially disclosing memory contents from other areas.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- PHP: Hypertext Preprocessor
Affected Vendors
- Php