Vulnerabilities

Critical Flaw in PHP Leads To a Use-After-Free Vulnerability

Risk Level

Informational (4)

Platform(s)
  • N/A

Description

A flaw was found in PHP. The vulnerability arises in the php_filter_float() function and leads to a use-after-free condition. This flaw allows an attacker to inject a malicious file, leading to a crash or a segmentation fault.

Recommended Mitigation

Update to version 8.1.3. If you haven't yet shifted to the 8.1 flavour of PHP, two other earlier branches are still supported: 8.0 needs upgrading to 8.0.16, and 7.4 needs upgrading to 7.4.28. If you're using a Linux distro that manages PHP for you, check your distro for details.
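To apply the mitigation across several hosts, the following added example (not part of the original advisory) classifies a `php -v` banner or bare version string against the fixed releases listed above. The function name, the status labels and the sample banners are assumptions constructed for illustration; distro-suffixed builds are flagged for a vendor check rather than compared by version number, since a distro may backport the fix.

```python
import re

# Fixed release per supported branch, as listed in the advisory above.
FIXED = {(8, 1): (8, 1, 3), (8, 0): (8, 0, 16), (7, 4): (7, 4, 28)}

_VERSION = re.compile(r"(?:PHP\s+)?(\d+)\.(\d+)\.(\d+)(\S*)")
_PRERELEASE = re.compile(r"-?(rc|alpha|beta|dev)", re.IGNORECASE)


def assess(banner):
    """Classify the first line of `php -v` (or a bare version string)."""
    m = _VERSION.match(banner.strip())
    if not m:
        return "unparseable"
    major, minor, patch = (int(g) for g in m.group(1, 2, 3))
    suffix = m.group(4)
    fixed = FIXED.get((major, minor))
    if fixed is None:
        # The advisory names a fixed release only for 7.4, 8.0 and 8.1.
        if (major, minor) < (7, 4):
            return "unsupported-branch"
        return "branch-not-listed"
    current = (major, minor, patch)
    prerelease = _PRERELEASE.match(suffix) is not None
    # An RC or -dev build of the fixed version predates the final release.
    if current > fixed or (current == fixed and not prerelease):
        return "patched"
    # Suffixes such as "-4ubuntu2.19" mark a distro-managed package.
    if suffix.startswith(("-", "+", "~")) and not prerelease:
        return "check-distro"
    return "upgrade-to-" + ".".join(str(n) for n in fixed)


if __name__ == "__main__":
    # Constructed sample inventory, not real host data.
    inventory = {
        "web01": "PHP 8.1.2 (cli) (built: Jan 1 2022 00:00:00) ( NTS )",
        "web02": "PHP 8.0.16 (cli)",
        "web03": "PHP 7.4.3-4ubuntu2.19 (cli)",
        "web04": "PHP 7.3.33 (cli)",
        "web05": "PHP 8.1.3RC1 (cli)",
    }
    for host, banner in inventory.items():
        print(f"{host}: {assess(banner)}")
```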