5 matches found
Astra Linux – Vulnerability in PHP 8.1
In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving the set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If a third party can control the memory layout, for example by providing specially crafted inputs to the script, it could...
BIT-LIBPHP-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free
In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...
php: Reference counting in php_request_shutdown causes Use-After-Free
A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...
php: Reference counting in php_request_shutdown causes Use-After-Free
A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...
CLSA-2025-1745956866 php: Fix of CVE-2024-11235
CVE-2024-11235: Fix use-after-free vulnerability related to set handler and ??= operator to prevent potential remote code execution...