Download
| Alert*
oval:org.secpod.oval:def:1600342
A stack overflow vulnerability was reported that may occur when decompressing tar archives due to phar_tar_writeheaders potentially copying non-terminated linknames from entries parsed by phar_parse_tarfile. oval:org.secpod.oval:def:703058 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:76783 Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive. oval:org.secpod.oval:def:52760 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:504988 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. The ... oval:org.secpod.oval:def:89045230 This update for php53 fixes the following issues: - CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter - CVE-2016-5094,CVE-2016-5095: Don"t allow creating strings with lengths outside int range, avoids overflows - CVE-2016-5096: A int/size_t confusion in fre ... oval:org.secpod.oval:def:89045271 This update for php53 fixes the following issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM . - CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351] - CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could ... oval:org.secpod.oval:def:97632 [CLSA-2022:1651177943] Fix of 227 CVE |