php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

  Showing 1-30 of 151 Show Next 30 Entries »
Bugs for PHAR related
ID# Date Last Modified Type Status PHP Version OS Summary Assigned
61065
(edit)		 2012-02-12 21:43 UTC 2014-06-19 16:31 UTC Sec Bug Closed 5.3.10 All Secunia SA44335 - arbitrary code execution stas
68901
(edit)		 2015-01-24 18:44 UTC 2015-03-18 12:12 UTC Sec Bug Closed 5.5.21 Linux Ubuntu 14.04 use after free in phar_object.c laruence
69324
(edit)		 2015-03-29 03:24 UTC 2015-04-14 07:28 UTC Sec Bug Closed 5.6.7 * Buffer Over-read in unserialize when parsing Phar stas
69441
(edit)		 2015-04-14 05:35 UTC 2015-04-17 20:55 UTC Sec Bug Closed 5.6.8RC1 * Buffer Over flow when parsing tar/zip/phar in phar_set_inode stas
69443
(edit)		 2015-04-14 09:03 UTC 2015-05-22 09:49 UTC Sec Bug Closed 5.6.8RC1 * Heap metadata corruption when parsing tar file in phar_tar_process_metadata() kaplan
69453
(edit)		 2015-04-14 22:15 UTC 2015-05-19 05:33 UTC Sec Bug Closed 5.6.8 * Memory Corruption in phar_parse_tarfile when entry filename starts with null laruence
69720
(edit)		 2015-05-28 12:06 UTC 2015-10-11 10:53 UTC Sec Bug Closed 5.6.9, 5.6.10 * Null pointer dereference in phar_get_fp_offset() kaplan
69923
(edit)		 2015-06-24 16:09 UTC 2015-08-09 08:52 UTC Sec Bug Closed Irrelevant Linux (CentOS 7) Buffer overflow and stack smashing error in phar_fix_filepath kaplan
70019
(edit)		 2015-07-08 09:33 UTC 2015-09-09 10:01 UTC Sec Bug Closed 5.6.10 Windows 7 64bit, OSX 10.10 Files extracted from archive may be placed outside of destination directory stas
70433
(edit)		 2015-09-05 11:42 UTC 2015-10-11 10:53 UTC Sec Bug Closed 5.6Git-2015-09-05 (Git) Linux Uninitialized pointer in phar_make_dirstream when zip entry filename is "/" kaplan
71331
(edit)		 2016-01-10 17:51 UTC 2016-04-28 16:59 UTC Sec Bug Closed 5.6.17 Linux, Mac Uninitialized pointer in phar_make_dirstream() stas
71354
(edit)		 2016-01-12 20:46 UTC 2016-04-28 16:59 UTC Sec Bug Closed 5.5.31 Linux, Mac Heap corruption in tar/zip/phar parser. stas
71391
(edit)		 2016-01-16 18:46 UTC 2016-02-02 03:17 UTC Sec Bug Closed 5.5.31 Linux, Mac NULL Pointer Dereference in phar_tar_setupmetadata() stas
71488
(edit)		 2016-01-31 19:58 UTC 2016-03-10 21:12 UTC Sec Bug Closed 5.5.31   Stack overflow when decompressing tar archives stas
71498
(edit)		 2016-02-02 16:48 UTC 2016-03-02 06:38 UTC Sec Bug Closed 5.5.32 Unix Out-of-Bound Read in phar_parse_zipfile() stas
71860
(edit)		 2016-03-19 18:50 UTC 2016-04-25 17:07 UTC Sec Bug Closed 5.5.33 all Invalid memory write in phar on filename with \0 in name stas
72321
(edit)		 2016-06-03 06:43 UTC 2016-09-21 12:17 UTC Sec Bug Closed 5.6.22   invalid free in phar_extract_file() stas
72928
(edit)		 2016-08-23 07:53 UTC 2016-09-16 13:39 UTC Sec Bug Closed 5.6.25 ALL Out of bound when verify signature of zip phar in phar_parse_zipfile stas
73035
(edit)		 2016-09-06 21:02 UTC 2019-02-10 01:53 UTC Sec Bug Closed 5.6.25 ALL Out of bound when verify signature of tar phar in phar_parse_tarfile stas
73764
(edit)		 2016-12-16 21:22 UTC 2017-01-25 11:10 UTC Sec Bug Closed 5.6.29   Crash while loading hostile phar archive stas
73768
(edit)		 2016-12-16 23:39 UTC 2017-01-25 11:11 UTC Sec Bug Closed 5.6.29   Memory corruption when loading hostile phar stas
73773
(edit)		 2016-12-17 12:06 UTC 2017-07-12 17:09 UTC Sec Bug Closed 5.6.29   Seg fault when loading hostile phar stas
74782
(edit)		 2017-06-19 18:15 UTC 2018-01-16 09:06 UTC Sec Bug Closed 5.6.30   Reflected XSS in .phar 404 page stas
76129
(edit)		 2018-03-21 16:53 UTC 2018-04-29 20:47 UTC Sec Bug Closed 7.1.15 Fedora 27 (but probably global) fix for CVE-2018-5712 may not be complete stas
77022
(edit)		 2018-10-16 09:23 UTC 2020-01-08 17:49 UTC Sec Bug Closed 7.1.23   PharData always creates new files with mode 0666 stas
77143
(edit)		 2018-11-12 19:17 UTC 2019-02-21 21:12 UTC Sec Bug Closed 7.2.12 Linux Heap Buffer Overflow (READ: 4) in phar_parse_pharfile stas
77247
(edit)		 2018-12-06 08:11 UTC 2019-02-22 22:07 UTC Sec Bug Closed 5.6.39   heap buffer overflow in phar_detect_phar_fname_ext stas
77396
(edit)		 2019-01-02 06:33 UTC 2019-03-04 07:35 UTC Sec Bug Closed 7.1.25   Null Pointer Dereference in phar_create_or_parse_filename stas
77586
(edit)		 2019-02-08 11:16 UTC 2019-03-04 07:34 UTC Sec Bug Closed 7.1.26 Any phar_tar_writeheaders_int() buffer overflow bishop
77919
(edit)		 2019-04-18 14:01 UTC 2019-07-29 20:22 UTC Sec Bug Closed 7.3Git-2019-04-18 (Git) * Potential UAF in Phar RSHUTDOWN stas
  Showing 1-30 of 151 Show Next 30 Entries »
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri May 17 05:01:31 2024 UTC