Download
| Alert*
oval:org.secpod.oval:def:3300210
SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3300230 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3300117 SUSE Security Update: Security update for php8 oval:org.secpod.oval:def:1701618 A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf, it is possible to force the function to return a single apostrophe if the function is called on user-supplied ... oval:org.secpod.oval:def:89424 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter PHP could be made do crash or execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:1701755 A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf, it is possible to force the function to return a single apostrophe if the function is called on user-supplied ... oval:org.secpod.oval:def:124865 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:89048124 This update for php7 fixes the following issues: - CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string . oval:org.secpod.oval:def:707901 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter PHP could be made do crash or execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:124862 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:1701625 A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf, it is possible to force the function to return a single apostrophe if the function is called on user-supplied ... oval:org.secpod.oval:def:4501183 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:2600157 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:5800160 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:1506642 php-pecl-apcu [5.1.21-1] - update to 5.1.21 for PHP 8.1 #2070040 php-pecl-rrd [2.0.3-4] - build for PHP 8.1 #2070040 php-pecl-xdebug3 [3.1.4-1] - update to 3.1.4 for PHP 8.1 #2070040 php-pecl-zip [1.20.1-1] - update to 1.20.1 for PHP 8.1 #2070040 php [8.1.14-1] - rebase to 8.1.14 [8.1.8-1] - update ... oval:org.secpod.oval:def:507745 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:1506447 [8.0.27-1] - rebase to 8.0.27 oval:org.secpod.oval:def:2600242 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:19500117 A vulnerability was found in php. This issue occurs due to memory corruption in the finfo_buffer function and a bad patch of the libmagic library. This flaw allows an attacker or malicious actor to execute a heap buffer overflow successfully, causing a memory crash. In PHP versions before 7.4.31, 8. ... oval:org.secpod.oval:def:507555 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:507653 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:2501078 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:507536 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:1506435 php [8.0.27-1] - rebase to 8.0.27 oval:org.secpod.oval:def:2500941 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1506755 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support [1.5.2-1] - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available [1.5.1-1] - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip ... oval:org.secpod.oval:def:89048609 This update for php7 fixes the following issues: * CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string . * CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir . * CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body . * CVE-2 ... oval:org.secpod.oval:def:89365 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or incorrect validation of BCrypt hashes. oval:org.secpod.oval:def:610432 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or incorrect validation of BCrypt hashes. |