{"api_version":"1","generated_at":"2026-04-22T23:09:21+00:00","cve":"CVE-2023-0567","urls":{"html":"https://cve.report/CVE-2023-0567","api":"https://cve.report/api/cve/CVE-2023-0567.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-0567","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-0567"},"summary":{"title":"CVE-2023-0567","description":"In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.","state":"PUBLIC","assigner":"security@php.net","published_at":"2023-03-01 08:15:00","updated_at":"2023-11-07 04:00:00"},"problem_types":["CWE-916"],"metrics":[],"references":[{"url":"https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4","name":"https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4","refsource":"MISC","tags":[],"title":"BCrypt hashes erroneously validate if the salt is cut short by `$` · Advisory · php/php-src · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugs.php.net/bug.php?id=81744","name":"https://bugs.php.net/bug.php?id=81744","refsource":"MISC","tags":[],"title":"PHP :: Sec Bug #81744 :: Password_verify() always return true with some hash","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-0567","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0567","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-0567","qid":"161008","title":"Oracle Enterprise Linux Security Update for Hypertext Preprocessor (PHP) (ELSA-2023-5926)"},{"cve":"CVE-2023-0567","qid":"161015","title":"Oracle Enterprise Linux Security Update for php:8.0 (ELSA-2023-5927)"},{"cve":"CVE-2023-0567","qid":"161313","title":"Oracle Enterprise Linux Security Update for php:8.1 (ELSA-2024-0387)"},{"cve":"CVE-2023-0567","qid":"181613","title":"Debian Security Update for php7.3 (DLA 3345-1)"},{"cve":"CVE-2023-0567","qid":"181663","title":"Debian Security Update for php7.4 (DSA 5363-1)"},{"cve":"CVE-2023-0567","qid":"182679","title":"Debian Security Update for php8.2 (CVE-2023-0567)"},{"cve":"CVE-2023-0567","qid":"199197","title":"Ubuntu Security Notification for Hypertext Preprocessor (PHP) Vulnerabilities (USN-5902-1)"},{"cve":"CVE-2023-0567","qid":"199496","title":"Ubuntu Security Notification for Hypertext Preprocessor (PHP) Vulnerability (USN-6053-1)"},{"cve":"CVE-2023-0567","qid":"242223","title":"Red Hat Update for Hypertext Preprocessor (PHP) (RHSA-2023:5926)"},{"cve":"CVE-2023-0567","qid":"242227","title":"Red Hat Update for php:8.0 (RHSA-2023:5927)"},{"cve":"CVE-2023-0567","qid":"242739","title":"Red Hat Update for php:8.1 (RHSA-2024:0387)"},{"cve":"CVE-2023-0567","qid":"283742","title":"Fedora Security Update for Hypertext Preprocessor (PHP) (FEDORA-2023-d12ff09d38)"},{"cve":"CVE-2023-0567","qid":"283743","title":"Fedora Security Update for Hypertext Preprocessor (PHP) (FEDORA-2023-452714dbc6)"},{"cve":"CVE-2023-0567","qid":"355229","title":"Amazon Linux Security Advisory for php8.1 : ALAS2023-2023-139"},{"cve":"CVE-2023-0567","qid":"356062","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.1-2023-002"},{"cve":"CVE-2023-0567","qid":"356064","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.0-2023-002"},{"cve":"CVE-2023-0567","qid":"356074","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.2-2023-001"},{"cve":"CVE-2023-0567","qid":"356077","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.2-2023-001"},{"cve":"CVE-2023-0567","qid":"356082","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.0-2023-002"},{"cve":"CVE-2023-0567","qid":"356090","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALAS2PHP8.1-2023-002"},{"cve":"CVE-2023-0567","qid":"502663","title":"Alpine Linux Security Update for php8"},{"cve":"CVE-2023-0567","qid":"502679","title":"Alpine Linux Security Update for php81"},{"cve":"CVE-2023-0567","qid":"502708","title":"Alpine Linux Security Update for php7"},{"cve":"CVE-2023-0567","qid":"502911","title":"Alpine Linux Security Update for php81"},{"cve":"CVE-2023-0567","qid":"503215","title":"Alpine Linux Security Update for php82"},{"cve":"CVE-2023-0567","qid":"505790","title":"Alpine Linux Security Update for php81"},{"cve":"CVE-2023-0567","qid":"506155","title":"Alpine Linux Security Update for php82"},{"cve":"CVE-2023-0567","qid":"673101","title":"EulerOS Security Update for Hypertext Preprocessor (PHP) (EulerOS-SA-2023-2196)"},{"cve":"CVE-2023-0567","qid":"753778","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2023:0476-1)"},{"cve":"CVE-2023-0567","qid":"753786","title":"SUSE Enterprise Linux Security Update for php74 (SUSE-SU-2023:0515-1)"},{"cve":"CVE-2023-0567","qid":"753787","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2023:0514-1)"},{"cve":"CVE-2023-0567","qid":"905643","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for Hypertext Preprocessor (PHP) (13740)"},{"cve":"CVE-2023-0567","qid":"906518","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for Hypertext Preprocessor (PHP) (13740-1)"},{"cve":"CVE-2023-0567","qid":"906636","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for Hypertext Preprocessor (PHP) (13740-3)"},{"cve":"CVE-2023-0567","qid":"941313","title":"AlmaLinux Security Update for php:8.0 (ALSA-2023:5927)"},{"cve":"CVE-2023-0567","qid":"941321","title":"AlmaLinux Security Update for Hypertext Preprocessor (PHP) (ALSA-2023:5926)"},{"cve":"CVE-2023-0567","qid":"941553","title":"AlmaLinux Security Update for php:8.1 (ALSA-2024:0387)"},{"cve":"CVE-2023-0567","qid":"961052","title":"Rocky Linux Security Update for Hypertext Preprocessor (PHP) (RLSA-2023:5926)"},{"cve":"CVE-2023-0567","qid":"961062","title":"Rocky Linux Security Update for php:8.0 (RLSA-2023:5927)"},{"cve":"CVE-2023-0567","qid":"961115","title":"Rocky Linux Security Update for php:8.1 (RLSA-2024:0387)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-0567","ASSIGNER":"security@php.net","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"PHP Group","product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"lessThan":"8.0.28","status":"affected","version":"8.0.x","versionType":"semver"},{"lessThan":"8.1.16","status":"affected","version":"8.1.x","versionType":"semver"},{"lessThan":"8.2.3","status":"affected","version":"8.2.x","versionType":"semver"}],"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://bugs.php.net/bug.php?id=81744","refsource":"MISC","name":"https://bugs.php.net/bug.php?id=81744"},{"url":"https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4","refsource":"MISC","name":"https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"EXTERNAL"},"credits":[{"lang":"en","value":"Tim Düsterhus"},{"lang":"en","value":"tech at mkdgs dot fr"}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":7.7,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-03-01 08:15:00","lastModifiedDate":"2023-11-07 04:00:00","problem_types":["CWE-916"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":6.2,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.5,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.16","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.28","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}