VDB
CVE-2023-3824
CVE-2023-3824
PUBLISHED
EPSS 29.39% · 96.7th percentile
Risk Scores
EPSS Score
29.39%
96.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | php |
Exploit Intelligence
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
- Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824 (github-poc-repo)
…and 73 more exploits
Timeline
- Aug 6, 2023 CVE Published
- Aug 11, 2023 EPSS Score
- May 6, 2024 VulnCheck KEV Exploitation
- May 14, 2024 VulnCheck KEV Exploitation
- Jul 1, 2024 VulnCheck KEV Exploitation
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
References
- ALAS2-2025-2832: php (important) advisory
- ALAS2PHP8.2-2023-002: php (important) advisory
- ALAS2PHP8.0-2023-009: php (important) advisory
- ALAS2PHP8.1-2023-004: php (important) advisory