Security Advisory

CVE-2024-2757

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-29 03:49:15

Last updated 2025-11-04 17:18:03

Assigner php

State PUBLISHED

Description

In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.

← Browse all CVEs View on cve.org ↗