2 matches found
CVE-2019-11831
CVE-2019-11831 affects Drupal’s TYPO3 phar-stream-wrapper integration. The vulnerability arises from incomplete validation in the phar:// stream wrapper library, enabling directory traversal that bypasses a deserialization protection mechanism. Affected: phar-stream-wrapper versions 2.x before 2....
CVE-2019-11830
The vulnerability CVE-2019-11830 affects TYPO3 in the PharStreamWrapper (phar-stream-wrapper) 2.x before 2.1.1 and 3.x before 3.1.1. The issue stems from misparsing Phar stubs, allowing bypass of deserialization protection. Impact is high (CVE-2019-11830) with critical, network-exposed access. Re...