Lucene search
K

6 matches found

OSV
OSV
added 2026/06/26 10:10 p.m.3 views

GHSA-2FMJ-P74R-3WJM PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)

Summary pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist: php if 0 === \strpos$filename, 'phar://' throw new \InvalidArgumentException'The output file cannot be a phar archive.'; PHP stream wrappers are case-insensitive, so...

8.1CVSS6.5AI score0.00555EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/09/08 12:17 p.m.47 views

Snappy PHAR deserialization vulnerability

Issue On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. To fix this issue, the version 1.4.2 was released with an additional check in the affected function to prevent the usage of the phar:// wrapper...

9.8CVSS8.3AI score0.0276EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2023/09/06 5:33 p.m.58 views

CVE-2023-41330 Unsafe deserialization in knplabs/knp-snappy

knplabs/knp-snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Issue On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. Version 1.4.2 added a check if...

9.8CVSS10AI score0.01877EPSS
Exploits1References3
Friends Of PHP
Friends Of PHP
added 2023/09/06 3:24 p.m.65 views

Snappy PHAR deserialization vulnerability

Issue On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. To fix this issue, the version 1.4.2 was released with an additional check in the affected function to prevent the usage of the phar:// wrapper...

9.8CVSS9.7AI score0.0276EPSS
Exploits2Affected Software1
CVE
CVE
added 2023/03/17 9:15 p.m.262 views

CVE-2023-28115

CVE-2023-28115 affects the knplabs/knp-snappy PHP library (Pdf/Html generation) prior to version 1.4.2. The root cause is a lack of validation for the protocol passed into file_exists(), allowing an attacker who can upload files to trigger PHAR deserialization via the phar:// wrapper and potentia...

9.8CVSS9.8AI score0.0276EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/17 9:15 p.m.12 views

CVE-2023-28115 Snappy vulnerable to PHAR deserialization, allowing remote code execution

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...

9.8CVSS9.9AI score0.0276EPSS
Exploits1References6
Rows per page
Query Builder