MiracleLinux 8 : php:7.2 (AXSA:2020-845:01)

🗓️ 20 Jan 2026 00:00:00Reported by TenableType

MiracleLinux eight hosts running seven point two are affected by AXSA-2020-845-01 vulnerabilities.

Reporter	Title	Published	Views	Family All 763
ALT Linux	Security fix for the ALT Linux 10 package php8.0 version 7.2.21-alt1	3 Aug 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package php7 version 7.2.21-alt1	3 Aug 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package php7 version 7.2.19-alt1	5 Jun 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package php8.1 version 7.2.19-alt1	1 Jun 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package php7 version 7.2.21-alt1	3 Aug 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package php8.0 version 7.2.19-alt1	1 Jun 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package php8.1 version 7.2.21-alt1	3 Aug 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package php7 version 7.2.19-alt1	2 Jun 201900:00	–	altlinux
IBM Security Bulletins	Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabiltiies in PHP.	27 Jan 202016:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect's Developer Portal is impacted by vulnerabilities in PHP (CVE-2019-11035 CVE-2019-11034)	23 May 201900:15	–	ibm

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/12027
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2020-845:01.
##

include('compat.inc');

if (description)
{
  script_id(294157);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/20");

  script_cve_id(
    "CVE-2018-20783",
    "CVE-2019-9020",
    "CVE-2019-9021",
    "CVE-2019-9022",
    "CVE-2019-9023",
    "CVE-2019-9024",
    "CVE-2019-9637",
    "CVE-2019-9638",
    "CVE-2019-9639",
    "CVE-2019-9640",
    "CVE-2019-11034",
    "CVE-2019-11035",
    "CVE-2019-11036",
    "CVE-2019-11039",
    "CVE-2019-11040",
    "CVE-2019-11041",
    "CVE-2019-11042"
  );

  script_name(english:"MiracleLinux 8 : php:7.2 (AXSA:2020-845:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2020-845:01 advisory.

    php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)
        php: File rename across filesystems may allow unwanted access during
    processing (CVE-2019-9637)
        php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638)
        php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639)
        php: Invalid read in exif_process_SOFn() (CVE-2019-9640)
        php: Out-of-bounds read due to integer overflow in
    iconv_mime_decode_headers() (CVE-2019-11039)
        php: Buffer over-read in exif_read_data() (CVE-2019-11040)
        php: Buffer over-read in PHAR reading functions (CVE-2018-20783)
        php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021)
        php: memcpy with negative length via crafted DNS response (CVE-2019-9022)
        php: Heap-based buffer over-read in mbstring regular expression functions
    (CVE-2019-9023)
        php: Out-of-bounds read in base64_decode_xmlrpc in
    ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)
        php: Heap buffer overflow in function exif_process_IFD_TAG()
    (CVE-2019-11034)
        php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035)
        php: Buffer over-read in exif_process_IFD_TAG() leading to information
    disclosure (CVE-2019-11036)
        php: Heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)
        php: Heap buffer over-read in exif_process_user_comment() (CVE-2019-11042)
    CVE(s):
    CVE-2018-20783
    CVE-2019-9020
    CVE-2019-9021
    CVE-2019-9022
    CVE-2019-9023
    CVE-2019-9024
    CVE-2019-9637
    CVE-2019-9638
    CVE-2019-9639
    CVE-2019-9640
    CVE-2019-11034
    CVE-2019-11035
    CVE-2019-11036
    CVE-2019-11039
    CVE-2019-11040
    CVE-2019-11041
    CVE-2019-11042
    Additional info:https://access.redhat.com/errata/RHSA-2020:1624https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2018-20783https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9020https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9021https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9022https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9023https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9024https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9637https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9638https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9639https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-9640https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-11034https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-11035https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-11036https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-11039https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-11040https://cve.mitre.org/cgi-
    bin/cvename.cgi?name=CVE-2019-11041https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042
    Modularity name: php
    Stream name: 7.2

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/12027");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9023");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/11/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:apcu-panel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libzip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libzip-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libzip-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-pecl-apcu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-pecl-apcu-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-pecl-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:php-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:8");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^8([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 8.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '8',
    'pkgs': [
      {'reference':'apcu-panel-5.1.12-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libzip-1.5.1-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libzip-devel-1.5.1-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libzip-tools-1.5.1-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-bcmath-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-cli-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-common-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-dba-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-dbg-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-devel-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-embedded-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-enchant-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-fpm-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-gd-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-gmp-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-intl-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-json-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-ldap-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-mbstring-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-mysqlnd-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-odbc-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-opcache-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-pdo-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-pear-1.10.5-9.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-pecl-apcu-5.1.12-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-pecl-zip-1.15.3-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-pgsql-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-process-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-recode-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-snmp-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-soap-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-xml-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'php-xmlrpc-7.2.24-1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-devel / libzip-tools / php / etc');
}

20 Jan 2026 00:00Current

8.8High risk

Vulners AI Score8.8

CVSS 27.5

CVSS 34.8 - 9.8

CVSS 3.19.1

EPSS0.25106