6 matches found
Fedora 29 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-af7bef7165)
Two security updates have been released for PharStreamWrapper. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 30 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-a8121923d5)
Two security updates have been released for PharStreamWrapper. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 29 : php-typo3-phar-stream-wrapper (2019-d5f883429d)
3.1.1 - TYPO3-PSA-2019-007 / CVE-2019-11831 - TYPO3-PSA-2019-008 / CVE-2019-11830 - 3.1.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 28 : php-typo3-phar-stream-wrapper (2019-4d93cf2b34)
3.1.1 - TYPO3-PSA-2019-007 / CVE-2019-11831 - TYPO3-PSA-2019-008 / CVE-2019-11830 - 3.1.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2019-11830
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...
CVE-2019-11830
The vulnerability CVE-2019-11830 affects TYPO3 in the PharStreamWrapper (phar-stream-wrapper) 2.x before 2.1.1 and 3.x before 3.1.1. The issue stems from misparsing Phar stubs, allowing bypass of deserialization protection. Impact is high (CVE-2019-11830) with critical, network-exposed access. Re...