DSA-4240-1 php7.0 -- php7.0ID: oval:org.secpod.oval:def:53365 | Date: (C)2019-06-11 (M)2024-02-19 |
Class: PATCH | Family: unix |
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584 Buffer underread in parsing HTTP responses CVE-2018-10545 Dumpable FPM child processes allowed the bypass of opcache access controls CVE-2018-10546 Denial of service via infinite loop in convert.iconv stream filter CVE-2018-10547 The fix for CVE-2018-5712 was incomplete CVE-2018-10548 Denial of service via malformed LDAP server responses CVE-2018-10549 Out-of-bounds read when parsing malformed JPEG files