In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
tenable tenable.sc |
||
oracle communications diameter signaling router |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |