Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
Exploitability
AV:LAC:LPR:HUI:NScope
S:UImpact
C:NI:NA:L2.3/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LOther