6 matches found
EUVD-2022-53080
Malicious code in bioql PyPI...
BIT-PHP-MIN-2022-31628 phar wrapper can occur dos when using quine gzip file
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...
OESA-2023-1272 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
php: phar: infinite loop when decompressing quine gzip file
A vulnerability was found in PHP due to an infinite loop within the phar uncompressor code when processing "quines" gzip files. This vulnerability allows a remote attacker to pass a specially crafted archive to the application, and consume all available system resources, causing a denial of servi...
PHP 8.0.x < 8.0.24 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 7.4.x prior to 7.4.32, 8.0.x prior to 8.0.24, or 8.1.x prior to 8.1.11. It is, therefore, affected by multiple vulnerabilities: - The phar uncompressor code would recursively uncompress quines gzip...
PT-2022-7563
Name of the Vulnerable Software and Affected Versions PHP versions prior to 7.4.31 PHP versions prior to 8.0.24 PHP versions prior to 8.1.11 Description The issue is related to the execution of a loop with an unreachable exit condition, allowing an attacker to cause a denial of service. In PHP, t...