DSA-4353-1 php7.0 -- php7.0ID: oval:org.secpod.oval:def:603587 | Date: (C)2018-12-11 (M)2024-04-17 |
Class: PATCH | Family: unix |
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: The EXIF module was susceptible to denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a Transfer-Encoding: chunked request and the IMAP extension performed insufficient input validation which can result in the execution of arbitrary shell commands in the imap_open function and denial of service in the imap_mail function.
Product: |
libphp7.0-embed |
php7.0 |
libapache2-mod-php7.0 |