Innovate faster and cut risk with PHP experts from Zend Services.
Explore Services
See How Zend Helps Leading Hosting Providers Keep Their Managed Sites on Secure PHP
Read More
Learn PHP from PHP experts with free, on-demand, and instructor led courses.
Explore Training
Submit support requests and browse self-service resources.
Explore Support
Infinite loop in mb_encode_mimeheader for some inputs
Specially crafted input to mb_encode_mimeheader() can lead to an infinite loop. Considering that this function is integral to numerous email processing routines, users of PHP 8.3.0 who do any email processing should upgrade immediately.
mb_encode_mimeheader()
If you are not on an affected PHP version, or if you are not using mb_encode_mimeheader, either directly or indirectly (e.g, through a library), no change is required. Otherwise, we recommend updating to 8.3.6 or later immediately.
mb_encode_mimeheader
Direct link to CVE-2024-2757 >
< View all CVEs
