Download
| Alert*
|
oval:org.secpod.oval:def:76682
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. oval:org.secpod.oval:def:1600834 Reflected XSS in .phar 404 pageAn issue was discovered in PHP; there is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. Denial of Service via infinite loop in libgd gdImageCreateFromGifCtx function in ext/gd/libgd/gd_gif_in.cThe gd_gif_in.c file in the GD Graphic ... oval:org.secpod.oval:def:52913 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:52014 php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:53365 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584 Buffer underread in parsing HTTP responses CVE-2018-10545 Dumpable FPM child processes allowed the bypass of opcache access controls CVE-2018-10546 Denial of service via infinite lo ... oval:org.secpod.oval:def:2101910 An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. oval:org.secpod.oval:def:703979 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:704014 php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:114334 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:114335 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:504906 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php . Security Fix: * php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field * php: Use after free in wddx_dese ... oval:org.secpod.oval:def:603230 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11144 Denial of service in openssl extension due to incorrect return value check of OpenSSL sealing function CVE-2017-11145 Out-of-bounds read in wddx_deserialize CVE-2017-11628 Buffer o ... oval:org.secpod.oval:def:1504480 [5.4.16-48] - fix underflow in env_path_info in fpm_main.c CVE-2019-11043 [5.4.16-47] - fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584 - fix out-of-bounds read in base64_decode_xmlrpc CVE-2019-9024 - fix reflected XSS in phar 404 page CVE-2018-5712 - fix reflected XSS in phar 40 ... oval:org.secpod.oval:def:97632 [CLSA-2022:1651177943] Fix of 227 CVE oval:org.secpod.oval:def:205526 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Reflected XSS on PHAR 404 page * php: Stack-based buffer under-read in php_stream_url_wrap_http_ex in http_fopen_wrapper.c when parsing HTTP response * php: Reflected XSS vulnerability on PHA ... oval:org.secpod.oval:def:503593 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Reflected XSS on PHAR 404 page * php: Stack-based buffer under-read in php_stream_url_wrap_http_ex in http_fopen_wrapper.c when parsing HTTP response * php: Reflected XSS vulnerability on PHA ... oval:org.secpod.oval:def:505023 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php71-php . Security Fix: * gd: Unsigned integer underflow _gdContributionsAlloc * php: Out of bounds access in php_pcre.c:php_pcre_replac ... oval:org.secpod.oval:def:89043717 This update for php53 fixes several issues. These security issues were fixed: - CVE-2016-10712: In PHP all of the return values of stream_get_meta_data could be controlled if the input can be controlled . - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the URI of a request for ... |
