Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.
Below versions are affected:
- PHP 5.6 prior to 5.6.31
- PHP 7.0 prior to 7.0.21
- PHP 7.1 prior to 7.1.7
Impact: Successfully exploiting the most severe of these vulnerabilities could allow for remote attackers to execute arbitrary code in the context of the affected application. Failed exploitation could result in a denial-of-service condition.
Mitigation: Upgrade to the latest version of PHP immediately, after appropriate testing.
23 May 2019 - Security Advisories & Alerts
- Report Incident▼