Description

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. 

Remediation

References

CVE-2023-0662

Related Vulnerabilities

WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0)

PleskLin Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-43784)

Sqlite Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6318)

WordPress Plugin The Events Calendar:Eventbrite Tickets Cross-Site Scripting (3.9.6)

Severity

High

Classification

CVE-2023-0662 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities