Download
| Alert*
oval:org.secpod.oval:def:704146
php7.2: HTML-embedded scripting language interpreter PHP could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:89002047 This update for php53 fixes the following issues: The following security issue was fixed: - An out-of-bounds read in the do_core_note function in readelf.c in libmagic.a allowed remote attackers to cause a denial of service via a crafted ELF file - CVE-2018-12882: exif_read_from_impl allowed attack ... oval:org.secpod.oval:def:76676 exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function. oval:org.secpod.oval:def:51067 php7.2: HTML-embedded scripting language interpreter PHP could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:1600916 exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP 7.2.x before 7.2.8 allows remote attackers to cause a denial of service via a crafted JPEG file.exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free because it closes a stream that it ... oval:org.secpod.oval:def:51069 php7.2: HTML-embedded scripting language interpreter Details: USN-3702-1 fixed a vulnerability in PHP. PHP 7.2.7 did not actually include the fix for CVE-2018-12882. This update adds a backported patch to correct the issue. We apologize for the inconvenience. Original advisory PHP could be made to c ... oval:org.secpod.oval:def:704149 php7.2: HTML-embedded scripting language interpreter Details: USN-3702-1 fixed a vulnerability in PHP. PHP 7.2.7 did not actually include the fix for CVE-2018-12882. This update adds a backported patch to correct the issue. We apologize for the inconvenience. Original advisory PHP could be made to c ... oval:org.secpod.oval:def:3300866 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . |