Ibb-php


reports in last 90 days

72

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Medium Heap Use After Free in unserialize()

Use After Free cy1337 Issue was not triaged


Time to close: 3 Days and 6 hours
Resolved

Medium Out of Bounds Memory Read in unserialize()

Buffer Over-read cy1337 Issue was not triaged


Time to close: 3 Days and 6 hours
Resolved

Medium Heap Use After Free Read in unserialize()

Use After Free cy1337 Issue was not triaged


Time to close: 3 Days and 6 hours
Resolved

Medium linkinfo - openbasedir bypass on Windows PHP

Improper Access Control - Generic fms Issue was not triaged


Time to close: 73 Days and 4 hours
Resolved

Medium Improper handling of Chunked data request in sapi_apache2.c leads to Reflected XSS

Cross-site Scripting (XSS) - Reflected cymtrick Issue was not triaged


Time to close: 16 Days and 18 hours
Resolved

Medium heap-buffer-overflow (READ of size 48) in exif_read_data()

Heap Overflow geeknik Issue was not triaged


Time to close: 14 Days and 3 hours
Resolved

Medium CVE-2018-12882: heap-use-after-free in PHP 7.2 through 7.2.6, possible 7.2.7

Use After Free geeknik Issue was not triaged


Time to close: 37 Days and 16 hours
Resolved

Medium Heap Buffer Overflow (READ: 1786) in exif_iif_add_value

Buffer Over-read 97ffb8d5 Issue was not triaged


Time to close: 5 Days and 2 hours
Resolved

Medium Use of uninitialized memory in unserialize()

Code Injection rc0r Issue was not triaged


Time to close: 139 Days and 7 hours
Resolved

Medium Out of bounds memory read in unserialize()

Out-of-bounds Read hanno Issue was not triaged


Time to close: 119 Days and 21 hours
Resolved

Medium Buffer overflow in HTTP parse_hostinfo(), parse_userinfo() and parse_scheme()

Memory Corruption - Generic rc0r Issue was not triaged


Time to close: 59 Days and 10 hours
Resolved

Low Heap overflow caused by type confusion vulnerability in merge_param()

Memory Corruption - Generic rc0r Issue was not triaged


Time to close: 67 Days and 8 hours
Resolved

Medium imagefilltoborder stackoverflow on truecolor images

Denial of Service fms Issue was not triaged


Time to close: 55 Days and 15 hours
Resolved

Low Write out-of-bounds at number_format

Memory Corruption - Generic fms Issue was not triaged


Time to close: 52 Days and 14 hours
Resolved

Low memcpy negative size parameter in php_resolve_path

Memory Corruption - Generic fms Issue was not triaged


Time to close: 52 Days and 14 hours
Resolved

Low memcpy negative parameter _bc_new_num_ex

Memory Corruption - Generic fms Issue was not triaged


Time to close: 52 Days and 14 hours
Resolved

Low Invalid parameter in memcpy function trough openssl_pbkdf2

Memory Corruption - Generic emyei Issue was not triaged


Time to close: 55 Days and 22 hours
Resolved

No rating Out of bound read in exif_process_IFD_in_MAKERNOTE

Memory Corruption - Generic hoangnguyen Issue was not triaged


Time to close: 12 Days and 10 hours
Resolved

No rating NULL Pointer Dereference in exif_process_user_comment

Memory Corruption - Generic hoangnguyen Issue was not triaged


Time to close: 12 Days and 10 hours
Resolved

No rating Buffer overflow in HTTP url parsing functions

Code Injection rc0r Issue was not triaged


Time to close: 52 Days and 3 hours
Resolved

No rating Use After Free Vulnerability in PHP's GC algorithm and unserialize

Code Injection evonide Issue was not triaged


Time to close: 5 Days and 8 hours
Resolved

No rating ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize

Code Injection evonide Issue was not triaged


Time to close: 5 Days and 8 hours
Resolved

No rating Null pointer deref (segfault) in stream_context_get_default

None supplied cyberpunkych Issue was not triaged


Time to close: 38 Days and 12 hours
Resolved

No rating Integer overflow in ZipArchive::getFrom*

Memory Corruption - Generic hji Issue was not triaged


Time to close: 7 Days and 12 hours
Resolved

No rating php_snmp_error() Format String Vulnerability

Code Injection rewzilla Issue was not triaged


Time to close: 30 Days and 2 hours
Resolved