23 matches found
CVE-2025-66251
CVE-2025-66251 affects DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter family (versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000). Unauthenticated attacker can exploit an issue in the deletehidden parameter to perform path traversal, resulting in deletion of arbitra...
EUVD-2022-53080
Malicious code in bioql PyPI...
phar wrapper can occur dos when using quine gzip file
...
CVE-2024-7765
In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-running jobs. This issue arises from the improper handling...
H2O 安全漏洞
H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A security vulnerability exists in H2O version 3.46.0.2, which stems from improper handling of large GZIP files and could lead to a denial of service...
BIT-PHP-MIN-2022-31628 phar wrapper can occur dos when using quine gzip file
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
OESA-2023-1566 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
php: phar: infinite loop when decompressing quine gzip file
A vulnerability was found in PHP due to an infinite loop within the phar uncompressor code when processing "quines" gzip files. This vulnerability allows a remote attacker to pass a specially crafted archive to the application, and consume all available system resources, causing a denial of servi...
USN-5905-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. CVE-2022-31628 It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise data integrity...
php: phar: infinite loop when decompressing quine gzip file
A vulnerability was found in PHP due to an infinite loop within the phar uncompressor code when processing "quines" gzip files. This vulnerability allows a remote attacker to pass a specially crafted archive to the application, and consume all available system resources, causing a denial of servi...
openSUSE 15 Security Update : php7 (SUSE-SU-2022:3830-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3830-1 advisory. - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress quines gzip files, resulting in an infini...
Fedora 36 : php (2022-0b77fbd9e7)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-0b77fbd9e7 advisory. PHP version 8.1.11 29 Sep 2022 Core: Fixed bug php81726: phar wrapper: DOS when using quine gzip file. CVE-2022-31628. cmb Fixed bug php81727: Don't...
PHP 8.0.x < 8.0.24 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 7.4.x prior to 7.4.32, 8.0.x prior to 8.0.24, or 8.1.x prior to 8.1.11. It is, therefore, affected by multiple vulnerabilities: - The phar uncompressor code would recursively uncompress quines gzip...
PHP 7.4.x < 7.4.32 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 7.4.x prior to 7.4.32, 8.0.x prior to 8.0.24, or 8.1.x prior to 8.1.11. It is, therefore, affected by multiple vulnerabilities: - The phar uncompressor code would recursively uncompress quines gzip...
CVE-2022-31628
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
CVE-2022-31628
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
Code injection
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
UBUNTU-CVE-2022-31628
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
CVE-2022-31628 phar wrapper can occur dos when using quine gzip file
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
PHP 安全漏洞
PHP is a scripting language that executes on the server side. A denial of service vulnerability exists in PHP versions prior to 7.4.31, 8.0.0 and later, 8.0.24 and earlier, and 8.1.0 and later, and 8.1.11 and earlier, which stems from the fact that the phar decompressor code recursively...