In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.
Metrics
Affected Vendors & Products
References
History
Thu, 13 Feb 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. |

Status: PUBLISHED
Assigner: php
Published: 2023-02-16T06:34:04.101Z
Updated: 2025-02-13T16:39:02.244Z
Reserved: 2023-01-29T07:46:39.833Z
Link: CVE-2023-0568

No data.

Status : Modified
Published: 2023-02-16T07:15:10.327
Modified: 2025-02-13T17:15:55.913
Link: CVE-2023-0568
