Vulnerabilities > PHP > PHP > 8.1.21
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-11 | CVE-2023-3823 | XXE vulnerability in multiple products In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. | 7.5 |
2023-08-11 | CVE-2023-3824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. | 9.8 |