php:8.2 security update

libzip php 8.2.31-1 - rebase to 8.2.31 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...

PeAR: A Static Binary Rewriting Framework for Binary-Only Fuzzing

Binary-only fuzzing is a key technique for finding bugs in close-source software. Without access to source code, the fuzzer must rely on static or dynamic binary instrumentation for coverage guidance. In practice, most fuzzers favor dynamic binary instrumentation DBI, accepting runtime overhead t...

Pear Archive_Tar 安全漏洞

Pear ArchiveTar is a PHP-based software developed by the PEAR team that allows for creating and extracting tar packages. Prior to version 3.08, Pear ArchiveTar had a security vulnerability. This vulnerability stemmed from the makespecialfile function, which passed the linkname of the tar header t...

Pear Archive_Tar 安全漏洞

Pear ArchiveTar is a PHP-based software developed by the PEAR team that allows for creating and extracting tar packages. Prior to version 3.08, Pear ArchiveTar had a security vulnerability. This vulnerability stemmed from the makespecialfile function, which passed the linkname of the tar header t...

Astra Linux - уязвимость в php-pear

In ArchiveTar before version 1.4.14, symlinks can reference targets outside of the extracted archive. This is a separate vulnerability from CVE-2020-36193...

MAL-2026-1547 Malicious code in pear-wrk-wdk (npm)

The package 'pear-wrk-wdk' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

Malicious code in pear-wrk-wdk (npm)

The package 'pear-wrk-wdk' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

Malicious code in pear-apps-lib-ui-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 325efdb6f86d5a55bf6cf0630f6fc6be87fbe387047929a31e4e5e55a8ea6cdf The package pear-apps-lib-ui-react-hooks was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1251 Malicious code in pear-apps-lib-ui-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 325efdb6f86d5a55bf6cf0630f6fc6be87fbe387047929a31e4e5e55a8ea6cdf The package pear-apps-lib-ui-react-hooks was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview pear-apps-utils-avatar-initials is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...

Malicious code in pear-apps-utils-avatar-initials (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 097265e259265c0fcc8e4d53ebb4bfcdc33404ce2fc818308f0f1097d90de3d4 The package pear-apps-utils-avatar-initials was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1252 Malicious code in pear-apps-utils-avatar-initials (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 097265e259265c0fcc8e4d53ebb4bfcdc33404ce2fc818308f0f1097d90de3d4 The package pear-apps-utils-avatar-initials was found to contain malicious code. Source: ghsa-malware...

Malicious code in pear-apps-utils-date (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65df5bee974b55dfd58d5816e480664604e9d8b3bf6a7c27c22b92aefeaca124 The package pear-apps-utils-date was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview pear-apps-utils-date is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-1253 Malicious code in pear-apps-utils-date (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65df5bee974b55dfd58d5816e480664604e9d8b3bf6a7c27c22b92aefeaca124 The package pear-apps-utils-date was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview pear-apps-utils-qr is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in pear-apps-utils-qr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bf18757dd3797d845e6746f010e38421985192e8623264615f68c13b4ec0a1 The package pear-apps-utils-qr was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1254 Malicious code in pear-apps-utils-qr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bf18757dd3797d845e6746f010e38421985192e8623264615f68c13b4ec0a1 The package pear-apps-utils-qr was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview pear-apps-lib-feedback is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

Malicious code in pear-apps-lib-feedback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...