A vulnerability was found in PHP up to 8.1.29/8.2.23/8.3.11. It has been classified as problematic. Affected is an unknown function of the component PHP-FPM SAPI. The manipulation leads to improper neutralization of null byte or nul character.
This vulnerability is traded as CVE-2024-9026. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.