Download
| Alert*
oval:org.secpod.oval:def:2107066
Oracle Solaris 11 - ( CVE-2021-21704 ) oval:org.secpod.oval:def:506281 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php73-php . Security Fix: * php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV * php: FILTER_VALIDATE_URL accepts URLs with ... oval:org.secpod.oval:def:76626 In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and p ... oval:org.secpod.oval:def:73679 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1601467 Several flaws has been found in php. The pdo_firebase module does not check the length of the server version string in a response packet causing a stack buffer overflow, does not verify the data and uses the wrong type to cast length leading to a crash, and does not validate the response before calc ... oval:org.secpod.oval:def:706070 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:74223 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result an SSRF bypass of the FILTER_VALIDATE_URL check and denial of service or potentially the execution of arbitrary code in the Firebird PDO. oval:org.secpod.oval:def:1701623 Several flaws has been found in php. The pdo_firebase module does not check the length of the server version string in a response packet causing a stack buffer overflow, does not verify the data and uses the wrong type to cast length leading to a crash, and does not validate the response before calc ... oval:org.secpod.oval:def:73692 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:120432 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:1505671 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php-pear [1:1.10.12-1] - update PEAR to 1.10.12 - update Archive_Tar to 1.4.9 - update Console_Getopt to 1.4.3 - update XML_Util to 1.4.5 php-pecl-apcu [5.1.18-1] - update to 5.1.18 php-pecl-rrd php-pecl-xdebug [2.9.5-1] - update to 2.9.5 php- ... oval:org.secpod.oval:def:120434 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:97585 [CLSA-2021:1637673193] Fixed CVEs in php: CVE-2021-21703, CVE-2021-21704, CVE-2021-21705 oval:org.secpod.oval:def:73680 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:4500931 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Local privilege escalation via PHP-FPM * php: SSRF bypass in FILTER_VALIDATE_URL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:506903 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Local privilege escalation via PHP-FPM * php: SSRF bypass in FILTER_VALIDATE_URL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:2500733 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:605573 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result an SSRF bypass of the FILTER_VALIDATE_URL check and denial of service or potentially the execution of arbitrary code in the Firebird PDO. oval:org.secpod.oval:def:89047905 This update for php7 fixes the following issues: - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont . - CVE-2022-37454: Fixed buffer overflow in hash_update on long parameter . - Version update to 7.4.32 - CVE-2022-31628: Fix ... oval:org.secpod.oval:def:3300388 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3300866 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . |