Download
| Alert*
oval:org.secpod.oval:def:75884
An out-of-bounds read and write flaw was discovered in the PHP-FPM code, which could result in escalation of privileges from local unprivileged user to the root user. oval:org.secpod.oval:def:1505671 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php-pear [1:1.10.12-1] - update PEAR to 1.10.12 - update Archive_Tar to 1.4.9 - update Console_Getopt to 1.4.3 - update XML_Util to 1.4.5 php-pecl-apcu [5.1.18-1] - update to 5.1.18 php-pecl-rrd php-pecl-xdebug [2.9.5-1] - update to 2.9.5 php- ... oval:org.secpod.oval:def:97585 [CLSA-2021:1637673193] Fixed CVEs in php: CVE-2021-21703, CVE-2021-21704, CVE-2021-21705 oval:org.secpod.oval:def:2500733 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:3301004 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:121063 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:605661 An out-of-bounds read and write flaw was discovered in the PHP-FPM code, which could result in escalation of privileges from local unprivileged user to the root user. oval:org.secpod.oval:def:605660 An out-of-bounds read and write flaw was discovered in the PHP-FPM code, which could result in escalation of privileges from local unprivileged user to the root user. oval:org.secpod.oval:def:88314 An out-of-bounds read and write flaw was discovered in the PHP-FPM code, which could result in escalation of privileges from local unprivileged user to the root user. oval:org.secpod.oval:def:706198 php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter PHP-PFM in PHP could be made ... oval:org.secpod.oval:def:507074 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE * php: Local privilege escalation via PHP-FPM * php: special character breaks path in xml parsing * php: uninitialized ar ... oval:org.secpod.oval:def:76628 In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the ma ... oval:org.secpod.oval:def:75999 php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter PHP-PFM in PHP could be made ... oval:org.secpod.oval:def:120912 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:120915 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:4500931 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Local privilege escalation via PHP-FPM * php: SSRF bypass in FILTER_VALIDATE_URL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:506903 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Local privilege escalation via PHP-FPM * php: SSRF bypass in FILTER_VALIDATE_URL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:2106869 Oracle Solaris 11 - ( CVE-2021-21703 ) oval:org.secpod.oval:def:89046085 This update for php7 fixes the following issues: - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM . - CVE-2021-21707: Fixed special character breaks path in xml parsing . - CVE-2017-8923: Fixed denial of service when using .= with a long string . - CVE-2015-9253: Fixed endless loop w ... oval:org.secpod.oval:def:3300866 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3301083 SUSE Security Update: Security update for php8 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . oval:org.secpod.oval:def:89047905 This update for php7 fixes the following issues: - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont . - CVE-2022-37454: Fixed buffer overflow in hash_update on long parameter . - Version update to 7.4.32 - CVE-2022-31628: Fix ... oval:org.secpod.oval:def:3300388 SUSE Security Update: Security update for php7 |