CVE-2023-0662

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-0662
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0662.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-0662
Aliases
Downstream
Related
Published
2023-02-16T07:15:10.577Z
Modified
2026-03-13T22:01:13.016283Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
5dc92c2117cafc61daaaaa240fd46c3ac33872a4
Fixed
12b5ba0b1d87d2dfdb4ee213cb5d122c921f3f2f
Introduced
381ba9f5d0edd0c9c8ec1dea7e21d513ad08b115
Fixed
aa5f9f05194e534b9644ebdcfd073c1493d17d56
Introduced
70ee6c20ad97e02c2b8098aeea96fefbbc3ac5c2
Fixed
cde956a2b0592f5fd9591e423abc22f07be9d4b6
Database specific 
{
    "versions": [
        {
            "introduced": "8.0.0"
        },
        {
            "fixed": "8.0.28"
        },
        {
            "introduced": "8.1.0"
        },
        {
            "fixed": "8.1.16"
        },
        {
            "introduced": "8.2.0"
        },
        {
            "fixed": "8.2.3"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0662.json"