CVE-2024-11235
published 2025-04-04


Priority: P3
Severity: high
CVSS 3.1 base score: 8.1
CVSS 3.1 vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.26% (66.0th percentile)
In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.

Affected

6 ranges

Vendor     | Product                              | Version range               | Fixed in
debian     | php8.4                               | < php8.4 8.4.5-1 (forky)    | php8.4 8.4.5-1 (forky)
msrc       | cbl2_php_8.1.32-1_on_cbl_mariner_2.0 | (not given)                 | (not given)
php        | php                                  | >= 8.3.0 < 8.3.19           | 8.3.19
php        | php                                  | >= 8.4.0 < 8.4.5            | 8.4.5
php_group  | php                                  | >= 8.3.* < 8.3.19           | 8.3.19
php_group  | php                                  | >= 8.4.* < 8.4.5            | 8.4.5

CVSS provenance

Source        | CVSS version | Score | Severity | Vector
nvd           | v3.1         | 8.1   | HIGH     | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd           | v4.0         | 9.2   | CRITICAL | CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
osv           | (not given)  | 9.2   | CRITICAL | (not given)
vendor_debian | (not given)  | 9.2   | CRITICAL | (not given)
vendor_redhat | (not given)  | 9.2   | CRITICAL | (not given)
vendor_msrc   | (not given)  | 8.1   | HIGH     | (not given)
vendor_ubuntu | (not given)  | 8.1   | HIGH     | (not given)