CVE-2023-3824
Buffer overflow and overread in phar_dir_read()
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
We have discovered 1,089,606 live websites that are affected by CVE-2023-3824.
Affected Software
| Product |  PHP |
| Category | Programming Languages |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 507 |
| Vulnerable Domains | 1,089,606 live websites (9.01% of PHP install base) |
Common Weakness Enumeration
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-3824 and the relative popularity of websitesDetails
- Published - Aug 11, 2023
- Updated - Aug 11, 2023
Credits
- Niels Dossche (reporter)
CWE
CVE References
CWE References
Countries
 United States | 250,354 websites |
 Germany | 476,500 websites |
 France | 101,362 websites |
 Netherlands | 25,361 websites |
 GB | 22,393 websites |
 Russia | 21,018 websites |
 Canada | 14,535 websites |
 Italy | 13,237 websites |
 Japan | 11,337 websites |
 Spain | 11,272 websites |
TLDs
| .com | 560,007 websites |
| .de | 95,629 websites |
| .org | 59,971 websites |
| .fr | 45,090 websites |
| .net | 42,336 websites |
| .nl | 22,025 websites |
| .ru | 18,310 websites |
| .co.uk | 16,194 websites |
| .it | 11,218 websites |
| .info | 11,067 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2023-3824 through included software libraries and plugins.References
- https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv
- https://lists.fedoraproject.org/archives/list/[email protected]/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/
- https://security.netapp.com/advisory/ntap-20230825-0001/
- https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html
Websites affected by CVE-2023-3824
Top websites that are affected by CVE-2023-3824. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.com | United States | *** | |
| ***.******.com | United States | *** | |
| ********.com | United States | *** | |
| ************.com | Germany | *** | |
| ******.org | United States | *** | |
| ************.com | United States | *** | |
| *****.******.com | United States | *** | |
| **********.******.org | United States | *** | |
| ***.******.net | Germany | *,*** | |
| ****.com |  China | *,*** |