VDB
AZL-63070
AZL-63070
PUBLISHED
CVSS 9.800000190734863 CRITICAL
CVE-2023-3824 affecting package php for versions less than 8.2.8-1
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Azure Linux:3 | php | 0 |
Exploit Intelligence
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- poc-cve-2023-3824 (github-poc-repo)
- dadosneurais/cve-2023-3824 (github-poc-repo)
- dadosneurais/cve-2023-3824 (github-poc)
- poc-cve-2023-3824 (github-poc)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc)
- cve_db.json (github-poc)
Timeline
- Aug 11, 2023 CVE Published
- Apr 21, 2026 CVE Updated