CVE-2024-3096 | PHP up to 8.1.27/8.2.17/8.3.4 password_verify poison null byte

Inserito da Angelo Barbosa | Apr 13, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in PHP up to 8.1.27/8.2.17/8.3.4. This issue affects the function password_verify. The manipulation leads to null byte interaction error.

The identification of this vulnerability is CVE-2024-3096. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3096 | PHP up to 8.1.27/8.2.17/8.3.4 password_verify poison null byte

Post correlati

CVE-2024-6722 | Woocommerce Chatbot Support AI Plugin up to 1.0.2 on WordPress Setting cross site scripting

CVE-2024-29069 | Canonical snapd up to 2.61 Symbolic Links external reference

CVE-2024-29993 | Microsoft unknown vulnerability

CVE-2024-6225 | Amelia Plugin/Amelia Pro Plugin on WordPress cross site scripting