<< Back
CVE Number Vulnerability Product Severity Date
CVE-2023-3824 PHP Remote Code Execution Vulnerability PHP Critical 30-05-2024

Technical Information

A remote code execution vulnerability in PHP when loading phar file, while reading PHAR directory entries insufficient length checking may lead to a stack buffer overflow which may allow memory corruption or remote code execution.

Patch Release Date: Aug 05, 2023
Further information on this vulnerability is available at: CVE-2023-3824

Affected Software

PHP 8.0.0 to 8.0.30,
PHP 8.1.0 to 8.1.22,
PHP 8.2.0 to 8.2.9