April 3, 2022
A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code.
“An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would allow the attacker
“An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would allow the attacker
Article posted by: https://thehackernews.com/2022/04/15-year-old-bug-in-pear-php-repository.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com
