CVE-2024-3096 | PHP up to 8.1.27/8.2.17/8.3.4 password_verify poison null byte

CVE-2024-3096 | PHP up to 8.1.27/8.2.17/8.3.4 password_verify poison null byte

A vulnerability, which was classified as problematic, has been found in PHP up to 8.1.27/8.2.17/8.3.4. This issue affects the function password_verify. The manipulation leads to null byte interaction error. The identification of this vulnerability is CVE-2024-3096. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.