Download
| Alert*
oval:org.secpod.oval:def:2108326
Oracle Solaris 11 - ( CVE-2023-3824 ) oval:org.secpod.oval:def:2600355 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:4501498 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: XML loading external entity without being enabled * php: phar Buffer mismanagement * php: 1-byte array overrun in common path resolve code * php: DoS vulnerability when parsing multipart req ... oval:org.secpod.oval:def:508039 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: XML loading external entity without being enabled php: phar Buffer mismanagement php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request bod ... oval:org.secpod.oval:def:93225 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information. oval:org.secpod.oval:def:1701616 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:1507101 [8.0.30-1] - rebase to 8.0.30 - Resolves: RHEL-11946 oval:org.secpod.oval:def:3301839 Security update for php7 oval:org.secpod.oval:def:19500345 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:19500391 In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appro ... oval:org.secpod.oval:def:508152 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: XML loading external entity without being enabled php: phar Buffer mismanagement php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request bod ... oval:org.secpod.oval:def:1701614 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:1701613 GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAPNOTE: Fixed in 8.2.7, 8.1.20, 8.0.29NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mwNOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc ... oval:org.secpod.oval:def:508016 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix: python-certifi: Removal of e-Tugra root certificate python-urllib3: Cookie ... oval:org.secpod.oval:def:1507290 php [8.1.27-1] - rebase to 8.1.27 RHEL-19093 [8.1.14-1] - rebase to 8.1.14 [8.1.8-1] - update to 8.1.8 #2070040 [8.1.7-2] - clean unneeded dependency on useradd command [8.1.7-1] - update to 8.1.7 #2070040 [8.1.6-2] - add upstream patch to initialize pcre before mbstring - add upstream patch to use ... oval:org.secpod.oval:def:97888 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: 1-byte array overrun in common path resolve code php: DoS vulnerability when parsing multipart request body php: Missing error check and insufficient random bytes in HTTP Digest authentication ... oval:org.secpod.oval:def:5800217 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: 1-byte array overrun in common path resolve code * php: DoS vulnerability when parsing multipart request body * php: Missing error check and insufficient random bytes in HTTP Digest authentic ... oval:org.secpod.oval:def:2501202 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2600491 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:95090 The host is installed with PHP 8.0.x before 8.0.29, 8.1.x before 8.1.20, or 8.2.x before 8.2.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an issue in the random byte generation function used in the SOAP HTTP Digest authenticat ... oval:org.secpod.oval:def:708278 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information. oval:org.secpod.oval:def:1507098 Oracle Linux 8 php:8.0 security update |