Description
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-0648 Vulnerability (CVE-2016-0648)
Oracle Database Server CVE-2014-4310 Vulnerability (CVE-2014-4310)
WordPress Plugin Delete All Comments Arbitrary File Upload (2.0)
WordPress Plugin Arlo training and event management system Cross-Site Scripting (2.1.7.1)
WordPress Plugin Category Grid View Gallery TimThumb Arbitrary File Upload (0.1.1)