Download
| Alert*
oval:org.secpod.oval:def:2600355
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:508039 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: XML loading external entity without being enabled php: phar Buffer mismanagement php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request bod ... oval:org.secpod.oval:def:89049350 This update for php7 fixes the following issues: * CVE-2023-3823: Fixed an issue with external entity loading in XML without enabling it. * CVE-2023-3824: Fixed a buffer overflow in phar_dir_read oval:org.secpod.oval:def:4501498 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: XML loading external entity without being enabled * php: phar Buffer mismanagement * php: 1-byte array overrun in common path resolve code * php: DoS vulnerability when parsing multipart req ... oval:org.secpod.oval:def:93266 php8.1: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1701616 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:1507101 [8.0.30-1] - rebase to 8.0.30 - Resolves: RHEL-11946 oval:org.secpod.oval:def:3301707 Security update for php7 oval:org.secpod.oval:def:3302067 Security update for php7 oval:org.secpod.oval:def:3301387 Security update for php7 oval:org.secpod.oval:def:19500370 In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appro ... oval:org.secpod.oval:def:19500391 In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appro ... oval:org.secpod.oval:def:508152 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: XML loading external entity without being enabled php: phar Buffer mismanagement php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request bod ... oval:org.secpod.oval:def:1701614 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:1701613 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:97745 [CLSA-2023:1692632368] php: Fix of 2 CVEs oval:org.secpod.oval:def:508016 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix: python-certifi: Removal of e-Tugra root certificate python-urllib3: Cookie ... oval:org.secpod.oval:def:1507290 php [8.1.27-1] - rebase to 8.1.27 RHEL-19093 [8.1.14-1] - rebase to 8.1.14 [8.1.8-1] - update to 8.1.8 #2070040 [8.1.7-2] - clean unneeded dependency on useradd command [8.1.7-1] - update to 8.1.7 #2070040 [8.1.6-2] - add upstream patch to initialize pcre before mbstring - add upstream patch to use ... oval:org.secpod.oval:def:97888 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request body php: Missing error check and insufficient random bytes in HTTP Digest authentication ... oval:org.secpod.oval:def:5800217 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: 1-byte array overrun in common path resolve code * php: DoS vulnerability when parsing multipart request body * php: Missing error check and insufficient random bytes in HTTP Digest authentic ... oval:org.secpod.oval:def:2501202 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2600491 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:708785 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Details: USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.0 ... oval:org.secpod.oval:def:98730 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Details: USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Linux Mint 18.x LTS, Linux Mi ... oval:org.secpod.oval:def:613046 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE attacks or incorrect validation of password hashes. oval:org.secpod.oval:def:613047 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE attacks or incorrect validation of password hashes. oval:org.secpod.oval:def:99993 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE attacks or incorrect validation of password hashes. oval:org.secpod.oval:def:99994 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE attacks or incorrect validation of password hashes. oval:org.secpod.oval:def:1507098 Oracle Linux 8 php:8.0 security update oval:org.secpod.oval:def:125984 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:708376 php8.1: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:95089 The host is installed with PHP 8.0.x before 8.0.30, 8.1.x before 8.1.22, or 8.2.x before 8.2.8 and is prone to an XML external entity reference vulnerability. A flaw is present in the application, which fails to handle an issue in processing the libxml global state. Successful exploitation could all ... oval:org.secpod.oval:def:125992 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... |