Download
| Alert*
oval:org.secpod.oval:def:3300866
SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . oval:org.secpod.oval:def:704911 php5: HTML-embedded scripting language interpreter Details: USN-3922-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive informa ... oval:org.secpod.oval:def:1901698 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len. oval:org.secpod.oval:def:76661 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len. oval:org.secpod.oval:def:603820 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: The EXIF extension had multiple cases of invalid memory access and rename was implemented insecurely. oval:org.secpod.oval:def:53954 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1505314 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:504902 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php72-php . Security Fix: * php: underflow in env_path_info in fpm_main.c * gd: Unsigned integer underflow _gdContributionsAlloc * gd: He ... oval:org.secpod.oval:def:89003306 This update for php53 fixes the following issues: Security issues fixed: - CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension . - CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EX ... oval:org.secpod.oval:def:704846 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:66778 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Invalid memory access in function xmlrpc_decode * php: File rename across filesystems may allow unwanted access du ... oval:org.secpod.oval:def:54514 php5: HTML-embedded scripting language interpreter Details: USN-3922-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Linux Mint 17.x LTS. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive info ... oval:org.secpod.oval:def:2105112 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. oval:org.secpod.oval:def:2500164 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:505023 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php71-php . Security Fix: * gd: Unsigned integer underflow _gdContributionsAlloc * php: Out of bounds access in php_pcre.c:php_pcre_replac ... oval:org.secpod.oval:def:69493 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Invalid memory access in function xmlrpc_decode * php: File rename across filesystems may allow unwanted access du ... |