Amazon Linux AMI : php73 (ALAS-2024-1918)

The version of php73 installed on the remote host is prior to 7.3.13-1.22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1918 advisory. 2024-02-14: CVE-2019-11045 was added to this advisory. 2024-02-14: CVE-2019-11049 was added to this advisory. 2024-02-14:...

Internet Bug Bounty: DirectoryIterator class silently truncates after a null byte

The bug submitted at: https://bugs.php.net/bug.php?id=78863 The security advisory at: https://nvd.nist.gov/vuln/detail/CVE-2019-11045 There's an issue with SPL PHP extension on splfilesystemobjectconstruct function. When creating a new DirectoryIterator object splfilesystemobjectconstruct functio...