Описание
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.
Релиз | Статус | Примечание |
---|---|---|
devel | DNE | |
esm-infra-legacy/trusty | needs-triage | |
jammy | DNE | |
noble | DNE | |
oracular | DNE | |
plucky | DNE | |
upstream | needs-triage |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | DNE | |
esm-infra/xenial | needs-triage | |
jammy | DNE | |
noble | DNE | |
oracular | DNE | |
plucky | DNE | |
upstream | needs-triage |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | DNE | |
esm-infra/bionic | needs-triage | |
jammy | DNE | |
noble | DNE | |
oracular | DNE | |
plucky | DNE | |
upstream | needs-triage |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | DNE | |
esm-infra/focal | needs-triage | |
jammy | DNE | |
noble | DNE | |
oracular | DNE | |
plucky | DNE | |
upstream | needs-triage |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | DNE | |
jammy | released | 8.1.2-1ubuntu2.22 |
noble | DNE | |
oracular | DNE | |
plucky | DNE | |
upstream | released | 8.1.33 |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | DNE | |
jammy | DNE | |
noble | released | 8.3.6-0ubuntu0.24.04.5 |
oracular | ignored | end of life, was needs-triage |
plucky | DNE | |
upstream | released | 8.3.23 |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | needed | |
jammy | DNE | |
noble | DNE | |
oracular | DNE | |
plucky | released | 8.4.5-1ubuntu1.1 |
upstream | released | 8.4.10 |
Показывать по
3.7 Low
CVSS3
Связанные уязвимости
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before ...
3.7 Low
CVSS3