Lucene search
UbuntuUSN-6841-1HistoryJun 19, 2024 - 12:00 a.m.
PHP vulnerability
2024-06-1900:00:00
ubuntu.com
3
php vulnerability
ubuntu 20.04 lts
ubuntu 22.04 lts
ubuntu 23.10
ubuntu 24.04 lts
filter_var function
user input security
6.8 Medium
AI Score
Confidence
Low
Releases
- Ubuntu 24.04 LTS
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- php7.4 - HTML-embedded scripting language interpreter
- php8.1 - HTML-embedded scripting language interpreter
- php8.2 - server-side, HTML-embedded scripting language (metapackage)
- php8.3 - server-side, HTML-embedded scripting language (metapackage)
Details
It was discovered that PHP could early return in the filter_var function
resulting in invalid user information being treated as valid user
information. An attacker could possibly use this issue to expose raw
user input information.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 24.04 | noarch | libapache2-mod-php8.3 | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libapache2-mod-php8.3-dbgsym | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libphp8.3-embed | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libphp8.3-embed-dbgsym | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | php8.3 | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | php8.3-bcmath | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | php8.3-bcmath-dbgsym | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | php8.3-bz2 | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | php8.3-bz2-dbgsym | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | php8.3-cgi | < 8.3.6-0ubuntu0.24.04.1 | UNKNOWN |
6.8 Medium
AI Score
Confidence
Low