knplabs/knp-snappy Security Advisories for 0.1.1 (2)
-
[CRITICAL] Snappy PHAR deserialization vulnerability
PKSA-cd3f-fj3y-g547 CVE-2023-41330 GHSA-92rv-4j2h-8mjj
Affected version: <=1.4.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[CRITICAL] PHAR deserialization allowing remote code execution
PKSA-sdn5-dtyj-96rq CVE-2023-28115 GHSA-gq6w-q6wh-jggc
Affected version: <1.4.2
Reported by:
GitHub, FriendsOfPHP/security-advisories