vulnerability
Huawei EulerOS: CVE-2023-3824: php security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Aug 11, 2023 | Jan 10, 2024 | Feb 20, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Aug 11, 2023
Added
Jan 10, 2024
Modified
Feb 20, 2025
Description
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Solution(s)
huawei-euleros-2_0_sp8-upgrade-phphuawei-euleros-2_0_sp8-upgrade-php-clihuawei-euleros-2_0_sp8-upgrade-php-commonhuawei-euleros-2_0_sp8-upgrade-php-fpmhuawei-euleros-2_0_sp8-upgrade-php-gdhuawei-euleros-2_0_sp8-upgrade-php-ldaphuawei-euleros-2_0_sp8-upgrade-php-odbchuawei-euleros-2_0_sp8-upgrade-php-pdohuawei-euleros-2_0_sp8-upgrade-php-processhuawei-euleros-2_0_sp8-upgrade-php-recodehuawei-euleros-2_0_sp8-upgrade-php-soaphuawei-euleros-2_0_sp8-upgrade-php-xmlhuawei-euleros-2_0_sp8-upgrade-php-xmlrpc

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.