Lucene search
Alpine Linux Development TeamALPINE:CVE-2024-2756HistoryApr 29, 2024 - 4:15 a.m.
CVE-2024-2756
2024-04-2904:15:07
Alpine Linux Development Team
security.alpinelinux.org
30
incomplete fix
insecure cookies
victim's browser
php applications
cve-2022-31629
network attackers
same-site attackers
__host- cookies
__secure- cookies
Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victimβs browser which is treated as a __Host-Β or __Secure-Β cookie by PHP applications.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | php82 | <Β 8.2.18-r0 | UNKNOWN |
| Alpine | edge-community | noarch | php83 | <Β 8.3.5-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | php81 | <Β 8.1.28-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | php82 | <Β 8.2.18-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | php83 | <Β 8.3.6-r0 | UNKNOWN |
Related
cloudlinux
cloudlinux
php: Fix of 2 CVEs
2024-05-09 18:56:08
redhatcve
redhatcve
CVE-2024-2756
2024-04-15 08:56:16
CVE-2022-31629
2022-10-13 14:29:56
cve
cve
CVE-2024-2756
2024-04-29 04:15:07
CVE-2022-31629
2022-09-28 23:15:00
cvelist
cvelist
openvas
openvas
PHP 8.1.11 < 8.1.28, 8.2.x < 8.2.18, 8.3.x < 8.3.6 Security Update (GHSA-wpj3-hf5j-x4v4) - Windows
2024-04-15 00:00:00
PHP 8.1.11 < 8.1.28, 8.2.x < 8.2.18, 8.3.x < 8.3.6 Security Update (GHSA-wpj3-hf5j-x4v4) - Linux
2024-04-15 00:00:00
openSUSE: Security Advisory for php8 (SUSE-SU-2024:1446-1)
2024-04-27 00:00:00
debiancve
debiancve
CVE-2024-2756
2024-04-29 04:15:07
CVE-2022-31629
2022-09-28 23:15:00
ubuntucve
ubuntucve
CVE-2024-2756
2024-04-16 00:00:00
CVE-2022-31629
2022-09-28 00:00:00
osv
osv
BIT-php-2024-2756
2024-05-14 07:29:36
BIT-php-2022-31629
2024-03-06 11:03:40
CVE-2022-31629
2022-09-28 23:15:10
nessus
nessus
SUSE SLES12 Security Update : php74 (SUSE-SU-2024:1445-1)
2024-04-29 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2024:1444-1)
2024-04-29 00:00:00
Debian dla-3810 : libapache2-mod-php7.3 - security update
2024-05-08 00:00:00
debian
debian
[SECURITY] [DLA 3810-1] php7.3 security update
2024-05-07 23:31:06
[SECURITY] [DSA 5660-1] php7.4 security update
2024-04-15 19:25:52
[SECURITY] [DSA 5277-1] php7.4 security update
2022-11-13 18:53:11
mageia
mageia
Updated php packages fix security vulnerabilities
2024-04-13 19:56:38
Updated php packages fix security vulnerability
2022-10-08 23:22:22
slackware
slackware
[slackware-security] php
2024-04-12 19:36:41
[slackware-security] php
2022-09-30 18:00:43
fedora
fedora
[SECURITY] Fedora 39 Update: php-8.2.18-1.fc39
2024-04-19 01:18:35
[SECURITY] Fedora 38 Update: php-8.2.18-1.fc38
2024-04-19 02:53:20
[SECURITY] Fedora 40 Update: php-8.3.6-1.fc40
2024-04-19 21:43:53
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.0 version 8.0.24-alt1
2022-10-13 00:00:00
Security fix for the ALT Linux 10 package php8.1 version 8.1.11-alt1
2022-10-11 00:00:00
Security fix for the ALT Linux 10 package php8.2 version 8.1.11-alt1
2022-09-30 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP Authentication Bypass (CVE-2022-31629)
2022-11-24 00:00:00
freebsd
freebsd
php -- Multiple vulnerabilities
2024-04-11 00:00:00
alpinelinux
alpinelinux
CVE-2022-31629
2022-09-28 23:15:00
githubexploit
githubexploit
Exploit for Vulnerability in Php
2022-10-07 08:15:23
cbl_mariner
cbl_mariner
CVE-2022-31629 affecting package php 7.4.14-3
2024-05-20 21:07:24
CVE-2024-2756 affecting package php for versions less than 8.1.28-1
2024-05-06 17:48:02
veracode
veracode
Insecure Cookie
2022-09-30 11:10:30
prion
prion
Code injection
2022-09-28 23:15:00
suse
suse
Security update for php7 (moderate)
2022-11-01 00:00:00
Security update for php8 (important)
2022-10-19 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2024-05-02 00:00:00
PHP vulnerabilities
2024-04-29 00:00:00
PHP vulnerabilities
2022-11-08 00:00:00
gentoo
gentoo
PHP: Multiple Vulnerabilities
2022-11-19 00:00:00
redhat
redhat
(RHSA-2023:2903) Moderate: php:7.4 security update
2023-05-16 05:57:44
(RHSA-2023:2417) Moderate: php:8.1 security update
2023-05-09 05:10:10
(RHSA-2023:0965) Moderate: php security update
2023-02-28 07:53:30
almalinux
almalinux
Moderate: php:7.4 security update
2023-05-16 00:00:00
Moderate: php security update
2023-02-28 00:00:00
Moderate: php:8.0 security update
2023-02-21 00:00:00
rocky
rocky
php security update
2023-04-06 15:53:36
php:8.0 security update
2023-02-22 01:08:53
oraclelinux
oraclelinux
8.1 security update
2023-05-15 00:00:00
php security update
2023-02-28 00:00:00
php:8.0 security update
2023-02-22 00:00:00
ibm
ibm
hp
hp
HP Device Manager Security Updates
2023-04-13 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00