Filtered by vendor Pear
Subscribe
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25241 | 1 Pear | 1 Pearweb | 2026-02-05 | N/A | 9.8 CRITICAL |
| PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, an unauthenticated SQL injection in the /get/<package>/<version> endpoint allows remote attackers to execute arbitrary SQL via a crafted package version. This issue has been patched in version 1.33.0. | |||||
| CVE-2022-24953 | 1 Pear | 1 Crypt Gpg | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions. | |||||