Php · Php · CVE-2024-2757
**Name of the Vulnerable Software and Affected Versions**
PHP versions 8.3.0 through 8.3.4
**Description**
The issue is related to the function `mb encode mimeheader()` in PHP, which can run endlessly for certain inputs containing long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.
**Recommendations**
For PHP versions 8.3.0 through 8.3.4, update to version 8.3.5 or later to resolve the issue.
As a temporary workaround, consider disabling the use of the `mb encode mimeheader()` function in applications until a patch is available.