Lucene search

CVE-2023-0567

🗓️ 01 Mar 2023 08:11:15Reported by phpType

PHP 8.0.X/8.1.X/8.2.X before 8.0.28/8.1.16/8.2.3 password_verify() vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 120
Veracode	Authentication Bypass	17 Feb 202310:36	–	veracode
NVD	CVE-2023-0567	1 Mar 202308:15	–	nvd
UbuntuCve	CVE-2023-0567	15 Feb 202300:00	–	ubuntucve
Vulnrichment	CVE-2023-0567 password_verify() always returns true for some invalid hashes	16 Feb 202306:15	–	vulnrichment
Debian CVE	CVE-2023-0567	1 Mar 202308:15	–	debiancve
OSV	BIT-php-2023-0567	6 Mar 202411:02	–	osv
OSV	php7.0 vulnerability	2 May 202310:07	–	osv
OSV	BIT-PHP-MIN-2023-0567	14 Jan 202519:21	–	osv
OSV	CVE-2023-0567	1 Mar 202308:15	–	osv
OSV	OPENSUSE-SU-2024:12711-1 php8-8.1.16-1.1 on GA media	15 Jun 202400:00	–	osv

Nvd

Node

php phpRange8.0.0–8.0.28

php phpRange8.1.0–8.1.16

php phpRange8.2.0–8.2.3

[
  {
    "defaultStatus": "affected",
    "product": "PHP",
    "programRoutines": [
      {
        "name": "password_verify"
      }
    ],
    "repo": "https://github.com/php/php-src",
    "vendor": "PHP Group",
    "versions": [
      {
        "lessThan": "8.0.28",
        "status": "affected",
        "version": "8.0.x",
        "versionType": "semver"
      },
      {
        "lessThan": "8.1.16",
        "status": "affected",
        "version": "8.1.x",
        "versionType": "semver"
      },
      {
        "lessThan": "8.2.3",
        "status": "affected",
        "version": "8.2.x",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
bugs	www.bugs.php.net/bug.php
github	www.github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
security	www.security.netapp.com/advisory/ntap-20230331-0008/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Mar 2023 08:15Current

7.7High risk

Vulners AI Score7.7

CVSS36.2 - 7.7

EPSS0.00034

SSVC

CWE-916