Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24426
HistoryApr 10, 2020 - 12:53 a.m.

Denial Of Service (DoS)

2020-04-1000:53:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
denial of service
php vulnerability
fnmatch function
remote attacker
php interpreter

EPSS

0.016

Percentile

87.4%

php is vulnerable to denial of service (DoS). The vulnerability exists as it was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns.