Описание
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
Ссылки
- ExploitMailing ListPatchVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- ExploitMailing ListPatchVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
4.8 Medium
CVSS3
3.6 Low
CVSS3
3.3 Low
CVSS2
Дефекты
Связанные уязвимости
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below ...
EPSS
4.8 Medium
CVSS3
3.6 Low
CVSS3
3.3 Low
CVSS2