Download
| Alert*
oval:org.secpod.oval:def:705333
php7.3: server-side, HTML-embedded scripting language - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1601096 In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. In P ... oval:org.secpod.oval:def:604754 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names. oval:org.secpod.oval:def:69805 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names. oval:org.secpod.oval:def:2500206 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:89000316 This update for php53 fixes the following issues: Security issues fixed: - CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex . - CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes . - CVE-2019-11046: Fixed an out-of-bounds ... oval:org.secpod.oval:def:2105452 Oracle Solaris 11 - ( CVE-2019-11044 ) oval:org.secpod.oval:def:1503030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:604752 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names. oval:org.secpod.oval:def:61534 php7.3: server-side, HTML-embedded scripting language - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:62007 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names. oval:org.secpod.oval:def:504284 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... oval:org.secpod.oval:def:1601887 cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow oval:org.secpod.oval:def:76645 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure ... oval:org.secpod.oval:def:505213 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php73-php . Security Fix: * php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byt ... oval:org.secpod.oval:def:66572 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... oval:org.secpod.oval:def:3300866 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . |