EPSS
Percentile
24.9%
PHP is vulnerable to Authentication Bypass. The vulnerability exists because the Password_verify() function always returns true with some hashes, allowing an attacker to modify password hashes.
Password_verify()
bugs.php.net/bug.php?id=81744
github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.16/community.yaml