PHP Security Vulnerabilities Discovered

According to PHP, servers running PHP are vulnerable to a variety of malicious program attacks, including allowing attackers to execute malicious code and DoS attacks. The PHP organization released an upgraded version to fix these vulnerabilities, which can be downloaded from the PHP website or directly obtained from various operating system vendors. PHP organizations strongly recommend that users upgrade to the new version. PHP is mainly used for server applications. according to the PHP organization, servers running PHP are vulnerable to a variety of malicious program attacks, including allowing attackers to execute malicious code and DoS attacks.
The PHP organization released an upgraded version to fix these vulnerabilities, which can be downloaded from the PHP website or directly obtained from various operating system vendors. PHP organizations strongly recommend that users upgrade to the new version.
PHP is an open-source programming language mainly used for server applications. it runs on Linux, Unix, Mac OS, Windows, and other server operating systems.
Two vulnerabilities are found in the EXIF module of PHP. this module is used to process the interchangeable Image File Format (EXIF) specification used by digital cameras. the exif_process_IFD_TAG () of this module () A vulnerability in the function may be exploited by the specially crafted "image file directory (IFD)" label to cause buffer overflow and execute malicious code with PHP server permissions.
The second EXIF module vulnerability may cause infinite recursion, causing program crash.
Another vulnerability affects the php_handle_iff () and php_handle_jpeg () functions, which can be exploited by specially crafted images to create an infinite loop, consuming all available CPU resources and forming DoS attacks.