{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T04:29:05.038","vulnerabilities":[{"cve":{"id":"CVE-2024-2757","sourceIdentifier":"security@php.net","published":"2024-04-29T04:15:08.113","lastModified":"2025-11-04T18:16:18.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function."},{"lang":"es","value":"En PHP 8.3.* anterior a 8.3.5, la función mb_encode_mimeheader() se ejecuta sin cesar para algunas entradas que contienen cadenas largas de caracteres que no son espacios seguidos de un espacio. Esto podría provocar un posible ataque DoS si un usuario hostil envía datos a una aplicación que utiliza esta función."}],"metrics":{"cvssMetricV31":[{"source":"security@php.net","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.5","matchCriteriaId":"BE619987-797E-493B-B089-2E1CADDA9C47"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2024/04/12/11","source":"security@php.net","tags":["Mailing List"]},{"url":"https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq","source":"security@php.net","tags":["Exploit","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20240510-0011/","source":"security@php.net","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/04/12/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20240510-0011/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}