GSD-2022-1002522

Source
https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1002xxx/GSD-2022-1002522.json
Published
2022-05-24T17:10:11.663637Z
Modified
2023-03-14T07:01:09.291903Z
Details

In PHP phpass version 0.3.x-dev, 0.3.x a backdoor exists in the phpass package that can be attacked via malicious package update resulting in credential theft

References

Affected packages