Security vulnerability for PHP version 7.1.x, 7.2.x, 7.3.x in Azure Web app

Question

In 2018, the security team detected a vulnerability related to the PHP.
I would like to know if this vulnerability still exists, or if it has already been fixed.

Below is the security report:
An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an infinite loop when using program execution functions (e.g. passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing that master process to consume 100% of the CPU and consume disk space with a large volume of error logs, as demonstrated by a customer attack on a shared hosting resource.

Source: https://www.cve.org/CVERecord?id=CVE-2015-9253 Thanks!

Answer 1

@Henrique Santos We provide patches for any vulnerabilities for our platform, including framework patches. If a patch is available, we will apply it within a timely manner. If a framework is listed, we have it patched with the latest. If a framework version becomes unsupported, we work to remove the framework and push customers to a newer and secure framework version. Beyond that, let me know if you have any further questions or concerns.