BIT-php-2026-7263
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/php/BIT-php-2026-7263.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/BIT-php-2026-7263
- Aliases
-
- BIT-libphp-2026-7263
- BIT-php-min-2026-7263
- CVE-2026-7263
- Published
- 2026-05-12T08:56:10.333Z
- Modified
- 2026-05-12T10:56:36.855829345Z
- Summary
- DoS attack via DOMNode::C14N()
- Details
-
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial of service in the processing application.
- Database specific
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" ] }- References
Affected packages
Bitnami / php
Package
- Name
- php
- Purl
- pkg:bitnami/php
Severity
- 6.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:Amber CVSS Calculator