{"id":"AZL-53462","summary":"CVE-2024-11233 affecting package php for versions less than 8.3.14-1","details":"In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.","modified":"2026-04-01T05:18:04.044382Z","published":"2024-11-24T02:15:16Z","upstream":["CVE-2024-11233"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-11233"}],"affected":[{"package":{"name":"php","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/php"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.3.14-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53462.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}]}