Download
| Alert*
oval:org.secpod.oval:def:55493
php73 is installed oval:org.secpod.oval:def:1601053 An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to acce ... oval:org.secpod.oval:def:1601467 Several flaws has been found in php. The pdo_firebase module does not check the length of the server version string in a response packet causing a stack buffer overflow, does not verify the data and uses the wrong type to cast length leading to a crash, and does not validate the response before calc ... oval:org.secpod.oval:def:1601116 In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash. In PHP versions 7.2.x below 7 ... oval:org.secpod.oval:def:1601033 Function iconv_mime_decode_headers in PHP may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.When using gdImageCreateFromXbm function of PHP gd extension, it is possible to supply data that will cause the function to use ... oval:org.secpod.oval:def:1601014 When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash. When processing certain files, PHP EXIF extension i ... oval:org.secpod.oval:def:1601132 In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exif_read_data function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. In PHP versions ... oval:org.secpod.oval:def:1601052 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information d ... |