Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.
Below versions are affected:
- PHP 5.6 prior to 5.6.31
- PHP 7.0 prior to 7.0.21
- PHP 7.1 prior to 7.1.7
Impact: Successfully exploiting the most severe of these vulnerabilities could allow for remote attackers to execute arbitrary code in the context of the affected application. Failed exploitation could result in a denial-of-service condition.
Mitigation: Upgrade to the latest version of PHP immediately, after appropriate testing.
Press release April 2023: Situational Security Alerts from CIRT
21 Apr 2023 - Articles, English articles, News, Notice, Security Advisories & Alerts
Security Best Practices
29 Mar 2023 - Security Advisories & Alerts