[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-3824":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":78,"duplicate_of":9,"upstream":79,"downstream":80,"duplicates":115,"related":116,"reserved_at":9,"published_at":123,"modified_at":124,"state":125,"summary":126,"references_raw":134,"kevs":155,"epss":156,"epss_history":159,"metrics":404,"affected":414},"CVE-2023-3824","In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[69],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":76,"type":9,"platforms":77,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_PHP_PHP-SRC","Php Src","github","https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846","poc",0.3,false,[],[],[],[81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113],{"_key":82},"SUSE-SU-2023:3445-1",{"_key":84},"SUSE-SU-2023:3498-1",{"_key":86},"SUSE-SU-2023:3528-1",{"_key":88},"SUSE-SU-2023:3541-1",{"_key":90},"OPENSUSE-SU-2024:13153-1",{"_key":92},"DLA-3555-1",{"_key":94},"DSA-5660-1",{"_key":96},"DSA-5661-1",{"_key":98},"RHSA-2023:5926",{"_key":100},"RHSA-2023:5927",{"_key":102},"RHSA-2024:0387",{"_key":104},"RHSA-2024:10952",{"_key":106},"MGASA-2023-0248",{"_key":108},"UBUNTU-CVE-2023-3824",{"_key":110},"USN-6305-1",{"_key":112},"DEBIAN-CVE-2023-3824",{"_key":114},"USN-6305-2",[],[117,118,119,120,121,122],{"_key":82},{"_key":84},{"_key":86},{"_key":88},{"_key":90},{"_key":106},"2023-08-11T05:48:34.082Z","2025-02-13T17:01:48.673Z","Modified",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":127,"epss_score":128,"severity":129,"severity_score":130,"severity_version":131,"severity_source":132,"severity_vector":133,"severity_status":125},"high",0.29385,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[135,142,147,151],{"url":136,"sources":137,"tags":139},"https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv",[138,132],"cve.org",[140,141],"Exploit","Third Party Advisory",{"url":143,"sources":144,"tags":145},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/",[138,132],[146],"Mailing List",{"url":148,"sources":149,"tags":150},"https://security.netapp.com/advisory/ntap-20230825-0001/",[138,132],[141],{"url":152,"sources":153,"tags":154},"https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html",[138,132],[146],[],{"date":157,"score":128,"percentile":158},"2026-06-04",0.96694,[160,164,167,170,173,175,178,180,183,186,189,192,195,197,199,203,206,209,212,215,218,221,224,227,230,233,235,238,241,244,247,249,251,253,255,257,260,263,266,269,271,274,276,279,282,285,287,290,292,294,296,298,301,304,308,311,313,315,317,320,323,325,327,329,331,333,336,339,341,344,346,348,351,354,357,360,364,366,369,372,375,378,382,385,388,390,393,396,398,401],{"date":161,"score":162,"percentile":163},"2025-11-04",0.32167,0.96615,{"date":165,"score":162,"percentile":166},"2025-11-05",0.96614,{"date":168,"score":162,"percentile":169},"2025-11-06",0.96617,{"date":171,"score":162,"percentile":172},"2025-11-07",0.9662,{"date":174,"score":162,"percentile":172},"2025-11-08",{"date":176,"score":162,"percentile":177},"2025-11-09",0.96619,{"date":179,"score":162,"percentile":172},"2025-11-10",{"date":181,"score":162,"percentile":182},"2025-11-11",0.96622,{"date":184,"score":162,"percentile":185},"2025-11-12",0.96624,{"date":187,"score":162,"percentile":188},"2025-11-13",0.96626,{"date":190,"score":162,"percentile":191},"2025-11-14",0.96627,{"date":193,"score":162,"percentile":194},"2025-11-15",0.96625,{"date":196,"score":162,"percentile":194},"2025-11-16",{"date":198,"score":162,"percentile":191},"2025-11-17",{"date":200,"score":201,"percentile":202},"2025-11-18",0.60706,0.98254,{"date":204,"score":201,"percentile":205},"2025-11-19",0.98255,{"date":207,"score":201,"percentile":208},"2025-11-20",0.98257,{"date":210,"score":162,"percentile":211},"2025-11-21",0.96635,{"date":213,"score":162,"percentile":214},"2025-11-22",0.96634,{"date":216,"score":162,"percentile":217},"2025-11-23",0.96633,{"date":219,"score":162,"percentile":220},"2025-11-24",0.96638,{"date":222,"score":162,"percentile":223},"2025-11-25",0.96639,{"date":225,"score":162,"percentile":226},"2025-11-26",0.96641,{"date":228,"score":162,"percentile":229},"2025-11-27",0.96643,{"date":231,"score":162,"percentile":232},"2025-11-28",0.9664,{"date":234,"score":162,"percentile":232},"2025-11-29",{"date":236,"score":162,"percentile":237},"2025-11-30",0.96642,{"date":239,"score":162,"percentile":240},"2025-12-01",0.96672,{"date":242,"score":162,"percentile":243},"2025-12-02",0.9667,{"date":245,"score":162,"percentile":246},"2025-12-03",0.96671,{"date":248,"score":162,"percentile":226},"2025-12-04",{"date":250,"score":162,"percentile":229},"2025-12-05",{"date":252,"score":162,"percentile":229},"2025-12-06",{"date":254,"score":162,"percentile":229},"2025-12-07",{"date":256,"score":162,"percentile":229},"2025-12-08",{"date":258,"score":162,"percentile":259},"2025-12-09",0.96644,{"date":261,"score":162,"percentile":262},"2025-12-10",0.96648,{"date":264,"score":162,"percentile":265},"2025-12-11",0.96651,{"date":267,"score":162,"percentile":268},"2025-12-12",0.96653,{"date":270,"score":162,"percentile":265},"2025-12-13",{"date":272,"score":162,"percentile":273},"2025-12-14",0.96652,{"date":275,"score":162,"percentile":268},"2025-12-15",{"date":277,"score":162,"percentile":278},"2025-12-16",0.96656,{"date":280,"score":162,"percentile":281},"2025-12-17",0.96658,{"date":283,"score":162,"percentile":284},"2025-12-18",0.96659,{"date":286,"score":162,"percentile":284},"2025-12-19",{"date":288,"score":162,"percentile":289},"2025-12-20",0.9666,{"date":291,"score":162,"percentile":284},"2025-12-21",{"date":293,"score":162,"percentile":284},"2025-12-22",{"date":295,"score":162,"percentile":281},"2025-12-23",{"date":297,"score":162,"percentile":289},"2025-12-24",{"date":299,"score":162,"percentile":300},"2025-12-25",0.96665,{"date":302,"score":162,"percentile":303},"2025-12-26",0.96664,{"date":305,"score":306,"percentile":307},"2025-12-27",0.34541,0.96873,{"date":309,"score":162,"percentile":310},"2025-12-28",0.96663,{"date":312,"score":162,"percentile":310},"2025-12-29",{"date":314,"score":162,"percentile":300},"2025-12-30",{"date":316,"score":162,"percentile":243},"2025-12-31",{"date":318,"score":162,"percentile":319},"2026-01-01",0.96702,{"date":321,"score":162,"percentile":322},"2026-01-02",0.96701,{"date":324,"score":162,"percentile":322},"2026-01-03",{"date":326,"score":162,"percentile":243},"2026-01-04",{"date":328,"score":162,"percentile":243},"2026-01-05",{"date":330,"score":162,"percentile":246},"2026-01-06",{"date":332,"score":162,"percentile":240},"2026-01-07",{"date":334,"score":162,"percentile":335},"2026-01-08",0.96675,{"date":337,"score":162,"percentile":338},"2026-01-09",0.96677,{"date":340,"score":162,"percentile":338},"2026-01-10",{"date":342,"score":162,"percentile":343},"2026-01-11",0.96678,{"date":345,"score":162,"percentile":343},"2026-01-12",{"date":347,"score":162,"percentile":343},"2026-01-13",{"date":349,"score":162,"percentile":350},"2026-01-14",0.96682,{"date":352,"score":162,"percentile":353},"2026-01-15",0.96683,{"date":355,"score":162,"percentile":356},"2026-01-16",0.96685,{"date":358,"score":162,"percentile":359},"2026-01-17",0.96687,{"date":361,"score":362,"percentile":363},"2026-01-18",0.32716,0.96733,{"date":365,"score":362,"percentile":363},"2026-01-19",{"date":367,"score":362,"percentile":368},"2026-01-20",0.96734,{"date":370,"score":362,"percentile":371},"2026-01-21",0.96735,{"date":373,"score":362,"percentile":374},"2026-01-22",0.96737,{"date":376,"score":362,"percentile":377},"2026-01-23",0.96741,{"date":379,"score":380,"percentile":381},"2026-01-24",0.36887,0.97026,{"date":383,"score":380,"percentile":384},"2026-01-25",0.97027,{"date":386,"score":380,"percentile":387},"2026-01-26",0.97029,{"date":389,"score":380,"percentile":387},"2026-01-27",{"date":391,"score":380,"percentile":392},"2026-01-28",0.97031,{"date":394,"score":380,"percentile":395},"2026-01-29",0.97033,{"date":397,"score":380,"percentile":395},"2026-01-30",{"date":399,"score":362,"percentile":400},"2026-01-31",0.96748,{"date":402,"score":362,"percentile":403},"2026-02-01",0.96775,[405,412],{"source":138,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":406,"cvss_v4_0":9},{"baseScore":407,"baseSeverity":408,"vectorString":409,"impactScore":410,"exploitabilityScore":411},9.4,"CRITICAL","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",9.2,10,{"source":132,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":413,"cvss_v4_0":9},{"baseScore":130,"baseSeverity":408,"vectorString":133,"impactScore":130,"exploitabilityScore":411},[415,424,430,448],{"ecosystem":9,"name":416,"vendor":417,"product":418,"cpe_part":419,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":420},"debian linux","debian","debian_linux","o",[421],{"version":422,"is_range":76,"range_type":423,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":425,"vendor":426,"product":425,"cpe_part":419,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":427},"fedora","fedoraproject",[428],{"version":429,"is_range":76,"range_type":423,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38",{"ecosystem":9,"name":431,"vendor":9,"product":431,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":432},"PHP",[433,440,444],{"version":434,"is_range":435,"range_type":138,"version_start":436,"version_start_type":437,"version_end":438,"version_end_type":439,"fixed_in":9},">= 8.0.*, \u003C 8.0.30",true,"8.0.*","including","8.0.30","excluding",{"version":441,"is_range":435,"range_type":138,"version_start":442,"version_start_type":437,"version_end":443,"version_end_type":439,"fixed_in":9},">= 8.1.*, \u003C 8.1.22","8.1.*","8.1.22",{"version":445,"is_range":435,"range_type":138,"version_start":446,"version_start_type":437,"version_end":447,"version_end_type":439,"fixed_in":9},">= 8.2.*, \u003C 8.2.8","8.2.*","8.2.8",{"ecosystem":9,"name":431,"vendor":9,"product":431,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":449},[450,453,456],{"version":451,"is_range":435,"range_type":423,"version_start":452,"version_start_type":437,"version_end":438,"version_end_type":439,"fixed_in":9},"gte8.0.0_lt8.0.30","8.0.0",{"version":454,"is_range":435,"range_type":423,"version_start":455,"version_start_type":437,"version_end":443,"version_end_type":439,"fixed_in":9},"gte8.1.0_lt8.1.22","8.1.0",{"version":457,"is_range":435,"range_type":423,"version_start":458,"version_start_type":437,"version_end":459,"version_end_type":439,"fixed_in":9},"gte8.2.0_lt8.2.9","8.2.0","8.2.9"]