Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-0568

Опубликовано: 16 фев. 2023
Источник: ubuntu
Приоритет: medium
CVSS3: 7.5

Описание

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.

РелизСтатусПримечание
bionic

DNE

esm-infra-legacy/trusty

needed

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of ESM support, was needed
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

released

7.0.33-0ubuntu0.16.04.16+esm5
focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

released

7.2.24-0ubuntu0.18.04.17
esm-infra/bionic

released

7.2.24-0ubuntu0.18.04.17
esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

released

7.4.3-4ubuntu2.18
focal

released

7.4.3-4ubuntu2.18
jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

released

8.1.2-1ubuntu2.11
kinetic

released

8.1.7-1ubuntu3.3
lunar

released

8.1.12-1ubuntu4
mantic

DNE

noble

DNE

oracular

DNE

Показывать по

Ссылки на источники

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-0568

CVSS3: 7.5
redhat
почти 3 года назад

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.

nvd логотип

CVE-2023-0568

CVSS3: 7.5
nvd
почти 3 года назад

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.

msrc логотип

CVE-2023-0568

CVSS3: 8.1
msrc
почти 3 года назад

Array overrun in common path resolve code

debian логотип

CVE-2023-0568

CVSS3: 7.5
debian
почти 3 года назад

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3 ...

github логотип

GHSA-6gqv-38q3-6c47

CVSS3: 9.8
github
почти 3 года назад

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.

7.5 High

CVSS3