Known as CVE-2019-9021, a heap-based buffer over-read happens during the filename expansion phase within phar_detect_phar_fname_ext.
Never upgrade your live site directly. Set up a staging site that mimics your production environment.
An out-of-bounds read error in the xmlrpc_decode function. Remote attackers could cause memory corruption or information disclosure via a hostile XML-RPC server.
What your legacy application uses (e.g., custom code, old WordPress, Magento 1)
Your operating system and hosting environment
Supported versions (8.2, 8.3, 8.4, 8.5) receive regular updates for new vulnerabilities.
[PHP 5.6.40 EOL] ──> No More Security Patches ──> New Exploits Discovered ──> Automatic Server Compromise