In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26 and 8.3.* before 8.3.14 a critical severity vulnerability CVE-2024-11236 was detected. This vulnerability allows attackers to exploit long string inputs to cause system crashes or execute malicious actions. To fix this issue, users should upgrade PHP to versions 8.1.31, 8.2.26, or 8.3.14. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-11236.
Read more Web Development
In PHP versions 8.1 to 8.1.30, 8.2 to 8.2.24, and 8.3 to 8.3.12 a high severity vulnerability related to command injection CVE-2024-8926 was detected. This vulnerability allows attackers to exploit certain non-standard configurations of Windows codepages, potentially enabling them to pass options to the PHP binary being executed. This may result in revealing the source code of scripts or running arbitrary PHP code on the server. To fix this issue, users must upgrade to 8.1.30, 8.2.24, or 8.3.12 versions. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-8926.
Read more Web Development