Finding #20
| Inventory item | php-test 8.3.31 (software, php) |
|---|---|
| Title | PEAR Archive_Tar: PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability |
| Match | keyword / confidence low |
| Status | new |
| First seen | 2026-06-11T07:35:11Z |
| Last updated | 2026-06-11T07:35:11Z |
| Source advisory | PEAR Archive_Tar: PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux. |