CVE-2024-9026 | PHP up to 8.1.29/8.2.23/8.3.11 PHP-FPM SAPI null byte or nul character (GHSA-865w-9rf3-2wh5)

Posted by Angelo Barbosa | Oct 8, 2024 | CVE

A vulnerability was found in PHP up to 8.1.29/8.2.23/8.3.11. It has been classified as problematic. Affected is an unknown function of the component PHP-FPM SAPI. The manipulation leads to improper neutralization of null byte or nul character.

This vulnerability is traded as CVE-2024-9026. Attacking locally is a requirement. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-9026 | PHP up to 8.1.29/8.2.23/8.3.11 PHP-FPM SAPI null byte or nul character (GHSA-865w-9rf3-2wh5)

Related Posts

CVE-2024-1590 | Page Builder Plugin up to 1.8.2 on WordPress Button cross site scripting

CVE-2023-51685 | LJ Apps WP Review Slider Plugin up to 12.7 on WordPress cross site scripting

CVE-2024-39207 | lua-shmem 1.0-1 shmem_write buffer overflow

CVE-2023-49752 | Spoon Themes Adifier Theme up to 3.1.3 on WordPress sql injection