PHP 7.3.x < 7.3.10 Heap-Based Buffer Overflow Vulnerability.
High Nessus Plugin ID 129557
SynopsisAn application installed on the remote host is affected by a head-based buffer overflow vulnerability.
DescriptionAccording to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.10. It is, therefore, affected by a heap-based buffer overflow vulnerability in its mb_eregi component due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause a denial of service condition or the execution of arbitrary code
SolutionUpgrade to PHP version 7.3.10 or later.