PHP Core Security Audit Results
a year ago
- #Security
- #OpenSource
- #PHP
- The PHP Foundation completed a security audit of the PHP source code, organized with OSTIF and executed by Quarkslab.
- The audit, conducted over two months in 2024, focused on critical components due to budget constraints.
- 27 issues were identified, with 17 having security implications, including four vulnerabilities with CVE identifiers.
- Quarkslab praised the high quality and specification adherence of the PHP source code.
- All identified issues have been addressed by the PHP development team; users are urged to upgrade to the latest versions.
- The PHP Foundation thanked contributors and expressed commitment to ongoing security improvements.
- Organizations interested in sponsoring future audits are encouraged to contact The PHP Foundation.