—
GO-2026-5084
FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files in github.com/dunglas/frankenphp
Details
FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files in github.com/dunglas/frankenphp
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/dunglas/frankenphp
Introduced in:
1.11.2 Fixed in: 1.12.3 Fix
go get github.com/dunglas/frankenphp@v1.12.3