CVE-2023-3824
- Reference to the description:
- Description:
- In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
- Last updated date:
- 02/13/2025
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 08/21/2023
- Reference url to background
https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/09/2024
- Reference url to background
https://github.com/NewLockBit/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/10/2025
- Reference url to background