12 matches found
[SECURITY] [DLA 4470-1] phpunit security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-4470-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 06, 2026 https://wiki.debian.org/LTS -...
SUSE CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765
A flaw was found in PHPUnit, a testing framework for PHP. This vulnerability involves unsafe deserialization of code coverage data during PHPT test execution. An attacker with local file write access can exploit this by placing a malicious serialized object into the file system. This can lead to...
PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling
Overview A vulnerability has been discovered involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserializes code coverage files without validation, potentially allowing remote code execution if malicious...
CVE-2026-24765 PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
Unsafe Deserialization in PHPT Code Coverage Handling
Overview A vulnerability has been discovered involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserializes code coverage files without validation, potentially allowing remote code execution if malicious...
PHPUnit code issues and vulnerabilities
PHPUnit is a PHP unit testing framework developed by Sebastian Bergmann. There were code-related vulnerabilities in versions prior to PHPUnit 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52. These vulnerabilities stemmed from insecure deserialization of code coverage data during PHPUnit testing, whi...
EUVD-2025-5058
Malicious code in bioql PyPI...
grcov has an out of bounds write triggered by crafted coverage data
Function grcov::covdir::getcoverage uses the unsafe function getuncheckedmut without validating that the index is in bounds. This results in memory corruption, and could potentially allow arbitrary code execution provided that an attacker can feed the tool crafted coverage data...
GHSA-QM2P-4W45-V2VR grcov has an out of bounds write triggered by crafted coverage data
Function grcov::covdir::getcoverage uses the unsafe function getuncheckedmut without validating that the index is in bounds. This results in memory corruption, and could potentially allow arbitrary code execution provided that an attacker can feed the tool crafted coverage data...
RUSTSEC-2025-0005 Out of bounds write triggered by crafted coverage data
Function grcov::covdir::getcoverage uses the unsafe function getuncheckedmut without validating that the index is in bounds. This results in memory corruption, and could potentially allow arbitrary code execution provided that an attacker can feed the tool crafted coverage data...