vulnerability
Amazon Linux 2023: CVE-2024-8925: Medium priority package update for php8.1 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:S/C:N/I:C/A:N) | 2024-10-07 | 2025-02-26 | 2025-03-10 |
Severity
5
CVSS
(AV:N/AC:H/Au:S/C:N/I:C/A:N)
Published
2024-10-07
Added
2025-02-26
Modified
2025-03-10
Description
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to control part of the submitted data being able to exclude portion of other data, potentially leading to erroneous application behavior.
A flaw was found in PHP's parsing of multipart form data contents, which affects both file and input form data. This may lead to legitimate data not being processed, violating data integrity. For example, ff a multipart form data payload contains a valid prefix 'X' of the defined boundary B such that 5Kib < |X| < |B| < 8Kib, the logic responsible for parsing and storing the multipart payload fails to correctly extract the contents between two boundaries.
A flaw was found in PHP's parsing of multipart form data contents, which affects both file and input form data. This may lead to legitimate data not being processed, violating data integrity. For example, ff a multipart form data payload contains a valid prefix 'X' of the defined boundary B such that 5Kib < |X| < |B| < 8Kib, the logic responsible for parsing and storing the multipart payload fails to correctly extract the contents between two boundaries.
Solution(s)
amazon-linux-2023-upgrade-php8-1amazon-linux-2023-upgrade-php8-1-bcmathamazon-linux-2023-upgrade-php8-1-bcmath-debuginfoamazon-linux-2023-upgrade-php8-1-cliamazon-linux-2023-upgrade-php8-1-cli-debuginfoamazon-linux-2023-upgrade-php8-1-commonamazon-linux-2023-upgrade-php8-1-common-debuginfoamazon-linux-2023-upgrade-php8-1-dbaamazon-linux-2023-upgrade-php8-1-dba-debuginfoamazon-linux-2023-upgrade-php8-1-dbgamazon-linux-2023-upgrade-php8-1-dbg-debuginfoamazon-linux-2023-upgrade-php8-1-debuginfoamazon-linux-2023-upgrade-php8-1-debugsourceamazon-linux-2023-upgrade-php8-1-develamazon-linux-2023-upgrade-php8-1-embeddedamazon-linux-2023-upgrade-php8-1-embedded-debuginfoamazon-linux-2023-upgrade-php8-1-enchantamazon-linux-2023-upgrade-php8-1-enchant-debuginfoamazon-linux-2023-upgrade-php8-1-ffiamazon-linux-2023-upgrade-php8-1-ffi-debuginfoamazon-linux-2023-upgrade-php8-1-fpmamazon-linux-2023-upgrade-php8-1-fpm-debuginfoamazon-linux-2023-upgrade-php8-1-gdamazon-linux-2023-upgrade-php8-1-gd-debuginfoamazon-linux-2023-upgrade-php8-1-gmpamazon-linux-2023-upgrade-php8-1-gmp-debuginfoamazon-linux-2023-upgrade-php8-1-intlamazon-linux-2023-upgrade-php8-1-intl-debuginfoamazon-linux-2023-upgrade-php8-1-ldapamazon-linux-2023-upgrade-php8-1-ldap-debuginfoamazon-linux-2023-upgrade-php8-1-mbstringamazon-linux-2023-upgrade-php8-1-mbstring-debuginfoamazon-linux-2023-upgrade-php8-1-mysqlndamazon-linux-2023-upgrade-php8-1-mysqlnd-debuginfoamazon-linux-2023-upgrade-php8-1-odbcamazon-linux-2023-upgrade-php8-1-odbc-debuginfoamazon-linux-2023-upgrade-php8-1-opcacheamazon-linux-2023-upgrade-php8-1-opcache-debuginfoamazon-linux-2023-upgrade-php8-1-pdoamazon-linux-2023-upgrade-php8-1-pdo-debuginfoamazon-linux-2023-upgrade-php8-1-pgsqlamazon-linux-2023-upgrade-php8-1-pgsql-debuginfoamazon-linux-2023-upgrade-php8-1-processamazon-linux-2023-upgrade-php8-1-process-debuginfoamazon-linux-2023-upgrade-php8-1-pspellamazon-linux-2023-upgrade-php8-1-pspell-debuginfoamazon-linux-2023-upgrade-php8-1-snmpamazon-linux-2023-upgrade-php8-1-snmp-debuginfoamazon-linux-2023-upgrade-php8-1-soapamazon-linux-2023-upgrade-php8-1-soap-debuginfoamazon-linux-2023-upgrade-php8-1-tidyamazon-linux-2023-upgrade-php8-1-tidy-debuginfoamazon-linux-2023-upgrade-php8-1-xmlamazon-linux-2023-upgrade-php8-1-xml-debuginfoamazon-linux-2023-upgrade-php8-1-zipamazon-linux-2023-upgrade-php8-1-zip-debuginfoamazon-linux-2023-upgrade-php8-2amazon-linux-2023-upgrade-php8-2-bcmathamazon-linux-2023-upgrade-php8-2-bcmath-debuginfoamazon-linux-2023-upgrade-php8-2-cliamazon-linux-2023-upgrade-php8-2-cli-debuginfoamazon-linux-2023-upgrade-php8-2-commonamazon-linux-2023-upgrade-php8-2-common-debuginfoamazon-linux-2023-upgrade-php8-2-dbaamazon-linux-2023-upgrade-php8-2-dba-debuginfoamazon-linux-2023-upgrade-php8-2-dbgamazon-linux-2023-upgrade-php8-2-dbg-debuginfoamazon-linux-2023-upgrade-php8-2-debuginfoamazon-linux-2023-upgrade-php8-2-debugsourceamazon-linux-2023-upgrade-php8-2-develamazon-linux-2023-upgrade-php8-2-embeddedamazon-linux-2023-upgrade-php8-2-embedded-debuginfoamazon-linux-2023-upgrade-php8-2-enchantamazon-linux-2023-upgrade-php8-2-enchant-debuginfoamazon-linux-2023-upgrade-php8-2-ffiamazon-linux-2023-upgrade-php8-2-ffi-debuginfoamazon-linux-2023-upgrade-php8-2-fpmamazon-linux-2023-upgrade-php8-2-fpm-debuginfoamazon-linux-2023-upgrade-php8-2-gdamazon-linux-2023-upgrade-php8-2-gd-debuginfoamazon-linux-2023-upgrade-php8-2-gmpamazon-linux-2023-upgrade-php8-2-gmp-debuginfoamazon-linux-2023-upgrade-php8-2-intlamazon-linux-2023-upgrade-php8-2-intl-debuginfoamazon-linux-2023-upgrade-php8-2-ldapamazon-linux-2023-upgrade-php8-2-ldap-debuginfoamazon-linux-2023-upgrade-php8-2-mbstringamazon-linux-2023-upgrade-php8-2-mbstring-debuginfoamazon-linux-2023-upgrade-php8-2-mysqlndamazon-linux-2023-upgrade-php8-2-mysqlnd-debuginfoamazon-linux-2023-upgrade-php8-2-odbcamazon-linux-2023-upgrade-php8-2-odbc-debuginfoamazon-linux-2023-upgrade-php8-2-opcacheamazon-linux-2023-upgrade-php8-2-opcache-debuginfoamazon-linux-2023-upgrade-php8-2-pdoamazon-linux-2023-upgrade-php8-2-pdo-debuginfoamazon-linux-2023-upgrade-php8-2-pgsqlamazon-linux-2023-upgrade-php8-2-pgsql-debuginfoamazon-linux-2023-upgrade-php8-2-processamazon-linux-2023-upgrade-php8-2-process-debuginfoamazon-linux-2023-upgrade-php8-2-pspellamazon-linux-2023-upgrade-php8-2-pspell-debuginfoamazon-linux-2023-upgrade-php8-2-snmpamazon-linux-2023-upgrade-php8-2-snmp-debuginfoamazon-linux-2023-upgrade-php8-2-soapamazon-linux-2023-upgrade-php8-2-soap-debuginfoamazon-linux-2023-upgrade-php8-2-sodiumamazon-linux-2023-upgrade-php8-2-sodium-debuginfoamazon-linux-2023-upgrade-php8-2-tidyamazon-linux-2023-upgrade-php8-2-tidy-debuginfoamazon-linux-2023-upgrade-php8-2-xmlamazon-linux-2023-upgrade-php8-2-xml-debuginfoamazon-linux-2023-upgrade-php8-2-zipamazon-linux-2023-upgrade-php8-2-zip-debuginfoamazon-linux-2023-upgrade-php8-3amazon-linux-2023-upgrade-php8-3-bcmathamazon-linux-2023-upgrade-php8-3-bcmath-debuginfoamazon-linux-2023-upgrade-php8-3-cliamazon-linux-2023-upgrade-php8-3-cli-debuginfoamazon-linux-2023-upgrade-php8-3-commonamazon-linux-2023-upgrade-php8-3-common-debuginfoamazon-linux-2023-upgrade-php8-3-dbaamazon-linux-2023-upgrade-php8-3-dba-debuginfoamazon-linux-2023-upgrade-php8-3-dbgamazon-linux-2023-upgrade-php8-3-dbg-debuginfoamazon-linux-2023-upgrade-php8-3-debuginfoamazon-linux-2023-upgrade-php8-3-debugsourceamazon-linux-2023-upgrade-php8-3-develamazon-linux-2023-upgrade-php8-3-embeddedamazon-linux-2023-upgrade-php8-3-embedded-debuginfoamazon-linux-2023-upgrade-php8-3-enchantamazon-linux-2023-upgrade-php8-3-enchant-debuginfoamazon-linux-2023-upgrade-php8-3-ffiamazon-linux-2023-upgrade-php8-3-ffi-debuginfoamazon-linux-2023-upgrade-php8-3-fpmamazon-linux-2023-upgrade-php8-3-fpm-debuginfoamazon-linux-2023-upgrade-php8-3-gdamazon-linux-2023-upgrade-php8-3-gd-debuginfoamazon-linux-2023-upgrade-php8-3-gmpamazon-linux-2023-upgrade-php8-3-gmp-debuginfoamazon-linux-2023-upgrade-php8-3-intlamazon-linux-2023-upgrade-php8-3-intl-debuginfoamazon-linux-2023-upgrade-php8-3-ldapamazon-linux-2023-upgrade-php8-3-ldap-debuginfoamazon-linux-2023-upgrade-php8-3-mbstringamazon-linux-2023-upgrade-php8-3-mbstring-debuginfoamazon-linux-2023-upgrade-php8-3-modphpamazon-linux-2023-upgrade-php8-3-modphp-debuginfoamazon-linux-2023-upgrade-php8-3-mysqlndamazon-linux-2023-upgrade-php8-3-mysqlnd-debuginfoamazon-linux-2023-upgrade-php8-3-odbcamazon-linux-2023-upgrade-php8-3-odbc-debuginfoamazon-linux-2023-upgrade-php8-3-opcacheamazon-linux-2023-upgrade-php8-3-opcache-debuginfoamazon-linux-2023-upgrade-php8-3-pdoamazon-linux-2023-upgrade-php8-3-pdo-debuginfoamazon-linux-2023-upgrade-php8-3-pgsqlamazon-linux-2023-upgrade-php8-3-pgsql-debuginfoamazon-linux-2023-upgrade-php8-3-processamazon-linux-2023-upgrade-php8-3-process-debuginfoamazon-linux-2023-upgrade-php8-3-pspellamazon-linux-2023-upgrade-php8-3-pspell-debuginfoamazon-linux-2023-upgrade-php8-3-snmpamazon-linux-2023-upgrade-php8-3-snmp-debuginfoamazon-linux-2023-upgrade-php8-3-soapamazon-linux-2023-upgrade-php8-3-soap-debuginfoamazon-linux-2023-upgrade-php8-3-sodiumamazon-linux-2023-upgrade-php8-3-sodium-debuginfoamazon-linux-2023-upgrade-php8-3-tidyamazon-linux-2023-upgrade-php8-3-tidy-debuginfoamazon-linux-2023-upgrade-php8-3-xmlamazon-linux-2023-upgrade-php8-3-xml-debuginfoamazon-linux-2023-upgrade-php8-3-zipamazon-linux-2023-upgrade-php8-3-zip-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.