DSA-4080-1 php7.0 -- php7.0ID: oval:org.secpod.oval:def:53225 | Date: (C)2019-04-04 (M)2024-02-19 |
Class: PATCH | Family: unix |
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11144 Denial of service in openssl extension due to incorrect return value check of OpenSSL sealing function CVE-2017-11145 Out-of-bounds read in wddx_deserialize CVE-2017-11628 Buffer overflow in PHP INI parsing API CVE-2017-12932 / CVE-2017-12934 Use-after-frees during unserialisation CVE-2017-12933 Buffer overread in finish_nested_data CVE-2017-16642 Out-of-bounds read in timelib_meridian