H4X0N4Ut

**Name of the Vulnerable Software and Affected Versions** PHP versions 7.0.x through 7.1.25 PHP versions 7.2.x through 7.2.13 PHP versions 7.3.x through 7.3.1 **Description** An issue in PHP's dns get record function can cause it to misparse a DNS response, allowing a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php parserr in ext/standard/dns.c for DNS CAA and DNS ANY queries. The vulnerability is related to a buffer overflow in the PHAR dns get record function, which can allow a remote attacker to access confidential data when processing DNS responses. **Recommendations** For PHP versions 7.0.x through 7.1.25, update to version 7.1.26 or later. For PHP versions 7.2.x through 7.2.13, update to version 7.2.14 or later. For PHP versions 7.3.x through 7.3.1, update to version 7.3.2 or later.