Description
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
Remediation
References
Related Vulnerabilities
MediaWiki Other Vulnerability (CVE-2021-36126)
WordPress Plugin Easy2Map Photos Multiple Vulnerabilities (1.0.9)
WordPress Plugin Scroll To Top Cross-Site Scripting (1.4.0)
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.5)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000395)