Skip to main content
CVE-2016-10160 CRITICAL PATCH Act Now

Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service PHP Clustered Data Ontap +1
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
4.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy