Threat Advisories - NVD Disclosed February 22, 2019

CVE-2019-9021

PHP PHAR reading vulnerability could allow attackers to access sensitive memory

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical flaw in PHP allows attackers to read sensitive memory by providing a specially crafted file name, potentially exposing confidential data in widely used web applications.

NVD published: February 22, 2019