Download
| Alert*
oval:org.secpod.oval:def:506467
apcu-panel is installed oval:org.secpod.oval:def:507157 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked * Archive_Tar: improper filename sanitization leads to file overwrites * Archive_Tar: directory trav ... oval:org.secpod.oval:def:1506008 php-pear [1:1.10.13-1] - update PEAR to 1.10.13 - update Archive_Tar to 1.4.14 oval:org.secpod.oval:def:2500809 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:97888 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request body php: Missing error check and insufficient random bytes in HTTP Digest authentication ... oval:org.secpod.oval:def:2500206 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505671 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php-pear [1:1.10.12-1] - update PEAR to 1.10.12 - update Archive_Tar to 1.4.9 - update Console_Getopt to 1.4.3 - update XML_Util to 1.4.5 php-pecl-apcu [5.1.18-1] - update to 5.1.18 php-pecl-rrd php-pecl-xdebug [2.9.5-1] - update to 2.9.5 php- ... oval:org.secpod.oval:def:2500031 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:507128 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: uninitialized array in pg_query_params leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to th ... oval:org.secpod.oval:def:507308 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Use after free due to php_filter_float failing for ints * php: Uninitialized array in pg_query_params leading to R ... oval:org.secpod.oval:def:2500733 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505215 libzip php [7.4.19-1] - rebase to 7.4.19 #1944110 oval:org.secpod.oval:def:1505314 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505838 php [7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:2500993 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505810 php [8.0.13-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:2500033 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2500879 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2500878 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1506193 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php [7.4.30-1] - rebase to 7.4.30 #2099615 [7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 [7.4.19-2] - fix SSRF bypass in FILTER_VALIDATE_URL CVE-2021-21705 - fix Local privilege escalation ... oval:org.secpod.oval:def:507332 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php , php-pear . Security Fix: * php: Special character breaks path in xml parsing * php: Use after free due to php_filter_float failing for ... oval:org.secpod.oval:def:1506191 libzip [1.7.3-1] - update to 1.7.3 php-pecl-apcu [5.1.20-1] - update to 5.1.20 php-pecl-rrd [2.0.3-1] - update to 2.0.3 php-pecl-xdebug3 [3.1.2-1] - update to 3.1.2 rhbz#2030322 oval:org.secpod.oval:def:4501298 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV * php: FILTER_VALIDATE_URL accepts URLs with invalid ... oval:org.secpod.oval:def:2500164 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505984 php [7.4.19-4] - fix uninitialized array in pg_query_params leading to RCE CVE-2022-31625 oval:org.secpod.oval:def:4500931 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Local privilege escalation via PHP-FPM * php: SSRF bypass in FILTER_VALIDATE_URL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:2500743 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:4501183 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:1506642 php-pecl-apcu [5.1.21-1] - update to 5.1.21 for PHP 8.1 #2070040 php-pecl-rrd [2.0.3-4] - build for PHP 8.1 #2070040 php-pecl-xdebug3 [3.1.4-1] - update to 3.1.4 for PHP 8.1 #2070040 php-pecl-zip [1.20.1-1] - update to 1.20.1 for PHP 8.1 #2070040 php [8.1.14-1] - rebase to 8.1.14 [8.1.8-1] - update ... oval:org.secpod.oval:def:507745 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:507653 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:507536 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:1506435 php [8.0.27-1] - rebase to 8.0.27 oval:org.secpod.oval:def:2500941 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1506755 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support [1.5.2-1] - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available [1.5.1-1] - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip ... |