← Back

Ext Http

ext-http

Vendor: Php • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Php
1Ext Http
Nov 21, 2024
Sep 6, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and po...Show more
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests.Show less