Download
| Alert*
oval:org.secpod.oval:def:2600355
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:508039 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: XML loading external entity without being enabled php: phar Buffer mismanagement php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request bod ... oval:org.secpod.oval:def:4501498 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: XML loading external entity without being enabled * php: phar Buffer mismanagement * php: 1-byte array overrun in common path resolve code * php: DoS vulnerability when parsing multipart req ... oval:org.secpod.oval:def:1507101 [8.0.30-1] - rebase to 8.0.30 - Resolves: RHEL-11946 oval:org.secpod.oval:def:508152 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: XML loading external entity without being enabled php: phar Buffer mismanagement php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request bod ... oval:org.secpod.oval:def:1701620 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. In PHP 8.0.X bef ... oval:org.secpod.oval:def:1701619 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. In PHP 8.0.X bef ... oval:org.secpod.oval:def:1701615 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. In PHP 8.0.X bef ... oval:org.secpod.oval:def:97718 [CLSA-2023:1678395661] php: Fix of 3 CVEs oval:org.secpod.oval:def:508016 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix: python-certifi: Removal of e-Tugra root certificate python-urllib3: Cookie ... oval:org.secpod.oval:def:1507290 php [8.1.27-1] - rebase to 8.1.27 RHEL-19093 [8.1.14-1] - rebase to 8.1.14 [8.1.8-1] - update to 8.1.8 #2070040 [8.1.7-2] - clean unneeded dependency on useradd command [8.1.7-1] - update to 8.1.7 #2070040 [8.1.6-2] - add upstream patch to initialize pcre before mbstring - add upstream patch to use ... oval:org.secpod.oval:def:97888 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request body php: Missing error check and insufficient random bytes in HTTP Digest authentication ... oval:org.secpod.oval:def:5800217 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: 1-byte array overrun in common path resolve code * php: DoS vulnerability when parsing multipart request body * php: Missing error check and insufficient random bytes in HTTP Digest authentic ... oval:org.secpod.oval:def:2501202 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2600491 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:95092 The host is installed with PHP 8.0.x before 8.0.28, 8.1.x before 8.1.16, or 8.2.x before 8.2.3 and is prone to a buffer overread vulnerability. A flaw is present in the application, which fails to handle an issue in the password_verify() function that may accept some invalid Blowfish hashes as valid ... oval:org.secpod.oval:def:2108005 Oracle Solaris 11 - ( CVE-2023-0568 ) oval:org.secpod.oval:def:89478 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:125042 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:125041 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:1507098 Oracle Linux 8 php:8.0 security update oval:org.secpod.oval:def:89048609 This update for php7 fixes the following issues: * CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string . * CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir . * CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body . * CVE-2 ... oval:org.secpod.oval:def:89048577 This update for php7 fixes the following issues: * CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir . * CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body . * CVE-2023-0567: Fixed vulnerability where BCrypt hashes erroneously validate if the salt i ... oval:org.secpod.oval:def:707977 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:19500191 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. In PHP 8.0.X bef ... oval:org.secpod.oval:def:89365 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or incorrect validation of BCrypt hashes. oval:org.secpod.oval:def:610432 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or incorrect validation of BCrypt hashes. |