Severity

Low

Vendor

PHP

Versions Affected

• Cloud Foundry PHP buildpack versions prior to 4.3.14

Description

Several out-of-bounds reads were discovered in PHP and its dependencies that could cause memory leaks or other unexpected conditions.

Mitigation

Users of affected versions should apply the following mitigation:

• Upgrade the PHP Buildpack to v4.3.14 or later and restage all applications that use automated buildpack detection

References

• https://github.com/cloudfoundry/php-buildpack/releases/tag/v4.3.14
• https://bugs.php.net/bug.php?id=72227
• https://bugs.php.net/bug.php?id=72241