php vulnerability

PHP’s mb_encode_mimeheader() can be weaponized to deny service: the bug tracked as CVE‑2024‑2757 causes the function to enter an endless loop when fed specially crafted header text, allowing an attacker to tie up PHP worker processes and render mail‑handling components or web endpoints...

Microsoft’s brief MSRC wording that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate for the Azure Linux product family — but it is a product‑scoped attestation, not an exclusive guarantee that no other Microsoft product could contain the same...