PHP Security Update Advisory (CVE-2023-3824)

Feb 23 2024

Overview

An update has been made available to fix vulnerabilities in PHP. Users of affected versions are advised to update to the latest version.

Affected Products

PHP versions earlier than 8.0.30, 8.1.22, and 8.2.9

Resolved Vulnerabilities

Stack buffer overflow vulnerability due to insufficient length checking while reading PHAR directory entries when loading phar files in PHP (CVE-2023-3824)

Vulnerability Patches

Vulnerability patches were made available in the August 5, 2023 update. Please update to the latest vulnerability patch version as per the reference site.

PHP versions 8.0.30, 8.1.22, and 8.2.9

Referenced Sites

[1] CVE-2023-3824 Detail
https://nvd.nist.gov/vuln/detail/CVE-2023-3824
[2] Buffer overflow and overread in phar_dir_read()
https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv

PHP Security Update Advisory (CVE-2023-3824)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Cisco Product Security Update Advisory (CVE-2020-3259)

GitLab CE/EE Product Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Cisco Product Security Update Advisory (CVE-2020-3259)

GitLab CE/EE Product Security Update Advisory