Bukka

#22751 of 53,625
10 Total CVSS
Vulnerabilities · 1
PT-2024-8392
10
2024-11-20
Php · Php · CVE-2024-11236
**Name of the Vulnerable Software and Affected Versions**

- PHP versions 8.1.* before 8.1.31
- PHP versions 8.2.* before 8.2.26
- PHP versions 8.3.* before 8.3.14

**Description**

The issue is related to an integer overflow in the `ldap_escape()` function on 32-bit systems when handling uncontrolled long string inputs. This can result in an out-of-bounds write, potentially allowing a remote attacker to execute arbitrary code by sending specially crafted data to a web application. The vulnerability is critical and can lead to system crashes or malicious actions.

**Recommendations**

- For PHP versions 8.1.* before 8.1.31, update to version 8.1.31 or later.
- For PHP versions 8.2.* before 8.2.26, update to version 8.2.26 or later.
- For PHP versions 8.3.* before 8.3.14, update to version 8.3.14 or later.

As a temporary workaround, consider restricting the input to the `ldap_escape()` function to prevent long string inputs on 32-bit systems.
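
The temporary workaround above, sketched as an added PHP example (not code from the advisory or from the PHP project). `safe_ldap_escape()`, `runtime_is_exposed()`, `php_in_affected_range()` and the 4096-byte cap are assumptions made for illustration; the version boundaries are the ones listed above.

```php
<?php
declare(strict_types=1);

// Assumed cap for this example; size it to the longest legitimate value you expect.
const LDAP_ESCAPE_MAX_INPUT = 4096;

// First fixed release per branch, as listed in the advisory.
const LDAP_ESCAPE_FIXED = ['8.1' => '8.1.31', '8.2' => '8.2.26', '8.3' => '8.3.14'];

/** True when $version lies in a range the advisory lists as affected. */
function php_in_affected_range(string $version = PHP_VERSION): bool
{
    if (!preg_match('/^(\d+\.\d+)\./', $version, $m)) {
        return false; // not a recognisable PHP version string
    }
    $fixed = LDAP_ESCAPE_FIXED[$m[1]] ?? null;
    if ($fixed === null) {
        return false; // branch not covered by the advisory
    }
    // Distribution builds may backport the fix without changing this number.
    return version_compare($version, $fixed, '<');
}

/** True on a 32-bit build (PHP_INT_SIZE is 4) of an affected version. */
function runtime_is_exposed(): bool
{
    return PHP_INT_SIZE === 4 && php_in_affected_range();
}

/** Hypothetical wrapper: refuse oversized input before it reaches ldap_escape(). */
function safe_ldap_escape(string $value, string $ignore = '', int $flags = 0): string
{
    if (strlen($value) > LDAP_ESCAPE_MAX_INPUT) {
        throw new LengthException('LDAP value exceeds ' . LDAP_ESCAPE_MAX_INPUT . ' bytes');
    }
    return ldap_escape($value, $ignore, $flags);
}

// Constructed sample input: a user-supplied login name placed in a search filter.
if (function_exists('ldap_escape')) {
    if (runtime_is_exposed()) {
        error_log('PHP ' . PHP_VERSION . ' (32-bit) is in the affected range; upgrade.');
    }
    $filter = '(uid=' . safe_ldap_escape('j.doe*)(', '', LDAP_ESCAPE_FILTER) . ')';
    echo $filter, PHP_EOL;
}
```

The cap is enforced on every build so the call site behaves the same before and after the upgrade; the exposure check only decides whether to log the upgrade reminder.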