Download
| Alert*
oval:org.secpod.oval:def:76797
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecifi ... oval:org.secpod.oval:def:97632 [CLSA-2022:1651177943] Fix of 227 CVE oval:org.secpod.oval:def:504988 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. The ... oval:org.secpod.oval:def:89045230 This update for php53 fixes the following issues: - CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter - CVE-2016-5094,CVE-2016-5095: Don"t allow creating strings with lengths outside int range, avoids overflows - CVE-2016-5096: A int/size_t confusion in fre ... oval:org.secpod.oval:def:89045244 This update for php53 fixes the following security issues: - CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mb_strcut - CVE-2015-8867: The PHP function openssl_random_pseudo_bytes d ... |