Description

In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.

INFO

Published Date :

2024-04-29T03:49:15.519Z

Last Modified :

2025-11-04T17:18:03.534Z

Source :

php
AFFECTED PRODUCTS

The following products are affected by CVE-2024-2757 vulnerability.

Vendors Products
Php
  • Php

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact