| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2023-3824 | PHP Remote Code Execution Vulnerability | PHP | Critical | 30-05-2024 |
Technical Information
A remote code execution vulnerability in PHP when loading phar file, while reading PHAR directory entries insufficient length checking may lead to a stack buffer overflow which may allow memory corruption or remote code execution.
Patch Release Date: Aug 05, 2023
Further information on this vulnerability is available at: CVE-2023-3824
Affected Software
PHP 8.0.0 to 8.0.30,PHP 8.1.0 to 8.1.22,
PHP 8.2.0 to 8.2.9