PHP 8.3

OOB access in ldap_escape

Stream HTTP wrapper truncates redirect location to 1024 bytes

Integer overflow in the firebird and dblib quoters causing OOB writes

Argument Injection in PHP-CGI

Command injection via array-ish $command parameter of proc_open()

Reference counting in php_request_shutdown causes Use-After-Free

PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

Command injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

NULL Pointer Dereference in PDO quoting

Information Leak of Memory in getimagesize

PHP mb_encode_mimeheader runs endlessly for some inputs

cgi.force_redirect configuration is bypassable due to the environment variable collision

Stream HTTP wrapper header check might omit basic auth header

Heap buffer overflow in array_merge()

PHP function password_verify can erroneously return true when argument contains NUL

NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

pgsql extension does not check for errors during escaping

PHP is vulnerable to the Marvin Attack

Leak partial content of the heap through heap buffer over-read in mysqlnd

Streams HTTP wrapper does not fail for headers with invalid name and no colon

libxml streams use wrong content-type header when requesting a redirected resource

Filter bypass in filter_var (FILTER_VALIDATE_URL)

Configuring a proxy in a stream context might allow for CRLF injection in URIs

Single byte overread with convert.quoted-printable-decode filter

Null byte termination in hostnames

PHP-FPM logs from children may be altered

Header parser of http stream wrapper does not handle folded headers

Erroneous parsing of multipart form data