Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in PHP 8.1

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving the set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If a third party can control the memory layout, for example by providing specially crafted inputs to the script, it could...

9.2CVSS7.5AI score0.01263EPSS
Exploits1References2
OSV
OSV
added 2025/08/11 1:54 p.m.4 views

BIT-LIBPHP-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...

9.2CVSS8.1AI score0.01263EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/05/13 5:18 p.m.9 views

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

9.2CVSS6.4AI score0.01263EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/05/13 1:59 p.m.9 views

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

9.2CVSS6.4AI score0.01263EPSS
Exploits1References5
OSV
OSV
added 2025/04/29 8:1 p.m.6 views

CLSA-2025-1745956866 php: Fix of CVE-2024-11235

CVE-2024-11235: Fix use-after-free vulnerability related to set handler and ??= operator to prevent potential remote code execution...

9.2CVSS6.4AI score0.01263EPSS
Exploits1References1
Rows per page
Query Builder