In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
Metrics
Affected Vendors & Products
References
History
Sat, 23 Nov 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Fri, 22 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Php Group
Php Group php |
|
CPEs | cpe:2.3:a:php_group:php:*:*:*:*:*:*:*:* | |
Vendors & Products |
Php Group
Php Group php |
|
Metrics |
ssvc
|
Fri, 22 Nov 2024 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. | |
Title | OOB access in ldap_escape | |
Weaknesses | CWE-787 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: php
Published: 2024-11-22T06:03:29.764Z
Updated: 2024-11-27T04:55:17.998Z
Reserved: 2024-09-17T04:50:14.830Z
Link: CVE-2024-8932
Vulnrichment
Updated: 2024-11-22T17:41:17.061Z
NVD
Status : Received
Published: 2024-11-22T06:15:20.197
Modified: 2024-11-22T06:15:20.197
Link: CVE-2024-8932
Redhat