Download
| Alert*
oval:org.secpod.oval:def:78425
php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter PHP could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:121686 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:121683 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:3301213 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:87177 The host is installed with PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16 or 8.1.x below 8.1.3 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to properly handle issues in the filter functions with FILTER_VALIDATE_FLOAT filter and min/max limit ... oval:org.secpod.oval:def:1701621 A flaw was found in PHP. The vulnerability occurs due to the malformed php_filter_float function and leads to a use-after-free vulnerability. This flaw allows an attacker to inject a malicious file, leading to a crash or a Segmentation fault oval:org.secpod.oval:def:706329 php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter PHP could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:2107746 Oracle Solaris 11 - ( CVE-2021-21708 ) oval:org.secpod.oval:def:89046121 This update for php7 fixes the following issues: - CVE-2021-21708: Fixed a memory corruption issue when processing integers from an untrusted source . oval:org.secpod.oval:def:5800122 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Use after free due to php_filter_float failing for ints * php: Uninitialized array in pg_query_params leading to R ... oval:org.secpod.oval:def:4500946 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php , php-pear . Security Fix: * php: Special character breaks path in xml parsing * php: Use after free due to php_filter_float failing for ... oval:org.secpod.oval:def:507308 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Use after free due to php_filter_float failing for ints * php: Uninitialized array in pg_query_params leading to R ... oval:org.secpod.oval:def:85944 Two security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure or denial of service. oval:org.secpod.oval:def:87163 [8.0.20-3] - snmp3 calls using authPriv or authNoPriv immediately return false #2104630 [8.0.20-2] - fix patch41 not applied [8.0.20-1] - rebase to 8.0.20 #2095752 - clean unneeded dependency on useradd command #2095447 - add upstream patch to initialize pcre before mbstring - retrieve tzdata versi ... oval:org.secpod.oval:def:2500879 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2500878 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:507392 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Use after free due to php_filter_float failing for ints * php: Uninitialized array in pg_query_params leading to R ... oval:org.secpod.oval:def:507332 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php , php-pear . Security Fix: * php: Special character breaks path in xml parsing * php: Use after free due to php_filter_float failing for ... oval:org.secpod.oval:def:1506193 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php [7.4.30-1] - rebase to 7.4.30 #2099615 [7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 [7.4.19-2] - fix SSRF bypass in FILTER_VALIDATE_URL CVE-2021-21705 - fix Local privilege escalation ... oval:org.secpod.oval:def:1506191 libzip [1.7.3-1] - update to 1.7.3 php-pecl-apcu [5.1.20-1] - update to 5.1.20 php-pecl-rrd [2.0.3-1] - update to 2.0.3 php-pecl-xdebug3 [3.1.2-1] - update to 3.1.2 rhbz#2030322 oval:org.secpod.oval:def:2600080 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:4501008 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Use after free due to php_filter_float failing for ints * php: Uninitialized array in pg_query_params leading to R ... oval:org.secpod.oval:def:605951 Two security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure or denial of service. oval:org.secpod.oval:def:89047905 This update for php7 fixes the following issues: - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont . - CVE-2022-37454: Fixed buffer overflow in hash_update on long parameter . - Version update to 7.4.32 - CVE-2022-31628: Fix ... oval:org.secpod.oval:def:3300882 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3300388 SUSE Security Update: Security update for php7 |