5 matches found
CVE-2023-51651
creationtimestamp| type| source ---|---|--- 2023-12-22 22:22:16+00:00| seen| https://t.me/ctinow/158641...
CVE-2023-51651
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the buildEndpoint method in the RestSerializer component of the AWS SDK f...
CVE-2023-51651
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the buildEndpoint method in the RestSerializer component of the AWS SDK f...
CVE-2023-51651
The CVE-2023-51651 issue affects AWS SDK for PHP (v3) prior to 3.288.1. The vulnerability resides in the RestSerializer’s buildEndpoint, which relies on Guzzle Psr7 UriResolver that strips dot segments per RFC 3986. Under certain conditions, this can lead to a path traversal in S3 object key pref...
Potential URI resolution path traversal in the AWS SDK for PHP
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-51651...