6 matches found
PharStreamWrapper for Typo3 unsafe deserialization vulnerability
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...
GHSA-3HXW-G85P-QGXM PharStreamWrapper for Typo3 unsafe deserialization vulnerability
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...
CVE-2019-11830
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...
CVE-2019-11830
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...
CVE-2019-11830
The vulnerability CVE-2019-11830 affects TYPO3 in the PharStreamWrapper (phar-stream-wrapper) 2.x before 2.1.1 and 3.x before 3.1.1. The issue stems from misparsing Phar stubs, allowing bypass of deserialization protection. Impact is high (CVE-2019-11830) with critical, network-exposed access. Re...
CVE-2019-11830
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...