Описание
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
Ссылки
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
7.7 High
CVSS3
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as fi ...
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
EPSS
7.7 High
CVSS3
9.8 Critical
CVSS3