Lucene search

19 matches found

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2023-55067

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.3 · EPSS 0.09628
Exploits 1 · References 2
Tenable Nessus
added 2025/08/19 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-3824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading a phar file, while reading PHAR directory entries, insufficient length...

CVSS 9.8 · AI score 7.7 · EPSS 0.29385
Exploits 3 · References 2
Vulnrichment
added 2025/04/26 5:34 a.m., 6 views

CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR

The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'raven_download_file' function. This makes it possible for attackers to inject a PHP Object through a PH...

CVSS 8.1 · AI score 8.3 · EPSS 0.01361
Exploits 0 · References 3
OSV
added 2024/07/03 8:42 p.m., 0 views

USN-6305-3 php7.0 and php7.2 regression

USN-6305-2 fixed a vulnerability in PHP. The update caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes it. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...

CVSS 8.6 · AI score 6.9 · EPSS 0.00604
Exploits 1 · References 2
Github Security Blog
added 2023/09/08 12:17 p.m., 34 views

Snappy PHAR deserialization vulnerability

Issue: On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. To fix this issue, version 1.4.2 was released with an additional check in the affected function to prevent the usage of the phar:// wrapper...

CVSS 9.8 · AI score 8.3 · EPSS 0.11387
Exploits 2 · References 6 · Affected software 1
OSV
added 2023/08/23 7:56 p.m., 6 views

MGASA-2023-0248 Updated php packages fix security vulnerability

Libxml - GHSA-3qrf-m4j2-pcrr: Security issue with external entity loading in XML without enabling it (CVE-2023-3823). Phar - GHSA-jqcx-ccgc-xwhv: Buffer mismanagement in phar_dir_read() (CVE-2023-3824)...

CVSS 9.8 · AI score 9.4 · EPSS 0.29385
Exploits 4 · References 3
Cvelist
added 2023/05/30 7:49 a.m., 14 views

CVE-2023-2288 Otter - Gutenberg Blocks < 2.2.6 - Author+ PHAR Deserialization

The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP 8.0 using the phar:// stream wrapper...

AI score 8.8 · EPSS 0.08687
Exploits 2 · References 1
SUSE CVE
added 2023/02/15 5:57 a.m., 1 views

SUSE CVE-2010-2950

Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function,...

CVSS 6.8 · AI score 7.7 · EPSS 0.00673
Exploits 1 · References 4
SUSE CVE
added 2023/02/15 4:54 a.m., 1 views

SUSE CVE-2016-10160

Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch...

CVSS 9.8 · AI score 9 · EPSS 0.06501
Exploits 0 · References 8
CNNVD
added 2020/11/19 12:00 a.m., 2 views

Pear Archive_Tar Injection Vulnerability

Pear Archive_Tar is PHP-based software from the PEAR team that can create and extract tarballs. A security vulnerability exists in Archive_Tar version 1.4.10 and earlier versions, which stems from the :// filename sanitization addressing only phar attacks, so any other stream-wrapper file:// to...

CVSS 7.8 · AI score 7.3 · EPSS 0.93364
Exploits 4 · References 29
RedHat Linux
added 2019/08/19 8:42 a.m., 2 views

php: Reflected XSS on PHAR 404 page

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...

CVSS 6.1 · AI score 7.2 · EPSS 0.89192
Exploits 0 · References 4
Hacker One
added 2019/05/20 1:29 a.m., 23 views

Internet Bug Bounty: Null Pointer Dereference in phar_create_or_parse_filename

The original report is here: https://bugs.php.net/bug.php?id=77396 Description: ------------ Please use this PoC file: https://drive.google.com/file/d/1bzw-j4FtV7PEf6SW2GYmDVKtMybmbKnl/view?usp=sharing Test script: --------------- USE_ZEND_ALLOC=0 ../../php-7.1.25/sapi/cli/php -r '$phar=new...

AI score 6.9
Exploits 0
RedHat Linux
added 2018/05/03 5:06 a.m., 1 views

php: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile

The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHA...

CVSS 9.8 · AI score 7.4 · EPSS 0.01496
Exploits 1 · References 4
OSV
added 2018/04/29 9:29 p.m., 1 views

ALPINE-CVE-2018-10547

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an...

CVSS 6.1 · AI score 6.5 · EPSS 0.17239
Exploits 0 · References 1
CNVD
added 2017/07/11 12:00 a.m., 1 views

PHP Memory Corruption Vulnerability

PHP (PHP: Hypertext Preprocessor) is an open-source, general-purpose scripting language maintained by the PHP Group and the open-source community. A security vulnerability exists in the 'phar_parse_pharfile' function in the ext/phar/phar.c file in PHP versions prior to 5.6.30 and 7.x versions...

CVSS 9.1 · AI score 7.5 · EPSS 0.03691
Exploits 1 · References 1
OSV
added 2016/04/29 12:00 a.m., 1 views

UBUNTU-CVE-2016-4342

ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive...

CVSS 8.8 · AI score 7.2 · EPSS 0.05555
Exploits 2 · References 3
CNVD
added 2015/11/01 12:00 a.m., 2 views

PHP PHAR Denial of Service Vulnerability

PHP is an open-source, general-purpose scripting language maintained by the PHP Group and the open-source community. A denial-of-service vulnerability exists in PHP PHAR, which allows an attacker to submit a special request to crash an application, resulting in a denial of service...

CVSS 6.8 · AI score 8.4 · EPSS 0.18271
Exploits 0 · References 1
OSV
added 2015/07/20 12:00 a.m., 0 views

UBUNTU-CVE-2015-5589

The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other...

CVSS 9.8 · AI score 7.2 · EPSS 0.10384
Exploits 0 · References 4
Tenable Nessus
added 2011/04/07 12:00 a.m., 42 views

Fedora 13 : maniadrive-1.2-27.fc13 / php-5.3.6-1.fc13 / php-eaccelerator-0.9.6.1-6.fc13 (2011-3666)

Security Enhancements and Fixes in PHP 5.3.6 : - Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) - Fixed bug #54193 (Integer overflow in shmop_read). (CVE-2011-1092) - Fixed bug #54055 (buffer overrun with high values for precision ini setting). - Fixed bug #54002 (crash on crafted tag in...

CVSS 7.5 · AI score 8.3 · EPSS 0.12827
Exploits 13 · References 10