Lucene search
GoogleOSV:ALSA-2024:0387HistoryJan 24, 2024 - 12:00 a.m.
Moderate: php:8.1 security update
2024-01-2400:00:00
Google
osv.dev
9
php
apache http server
security fix
cve-2023-0568
cve-2023-0662
cve-2023-3247
cve-2023-3823
cve-2023-3824
cve-2023-0567
html-embedded
scripting language
moderate
software
update
dos vulnerability
http digest authentication
buffer mismanagement
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
- php: 1-byte array overrun in common path resolve code (CVE-2023-0568)
- php: DoS vulnerability when parsing multipart request body (CVE-2023-0662)
- php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP (CVE-2023-3247)
- php: XML loading external entity without being enabled (CVE-2023-3823)
- php: phar Buffer mismanagement (CVE-2023-3824)
- php: Password_verify() always return true with some hash (CVE-2023-0567)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
access.redhat.com/errata/RHSA-2024:0387
access.redhat.com/security/cve/CVE-2023-0567
access.redhat.com/security/cve/CVE-2023-0568
access.redhat.com/security/cve/CVE-2023-0662
access.redhat.com/security/cve/CVE-2023-3247
access.redhat.com/security/cve/CVE-2023-3823
access.redhat.com/security/cve/CVE-2023-3824
bugzilla.redhat.com/2170761
bugzilla.redhat.com/2170770
bugzilla.redhat.com/2170771
bugzilla.redhat.com/2219290
bugzilla.redhat.com/2229396
bugzilla.redhat.com/2230101
errata.almalinux.org/9/ALSA-2024-0387.html
Related
nessus
nessus
Oracle Linux 9 : php:8.1 (ELSA-2024-0387)
2024-01-25 00:00:00
Rocky Linux 9 : php:8.1 (RLSA-2024:0387)
2024-02-12 00:00:00
Oracle Linux 8 : php:8.0 (ELSA-2023-5927)
2023-10-24 00:00:00
rocky
rocky
php:8.1 security update
2024-02-12 20:17:50
php:8.0 security update
2023-10-24 18:35:47
php security update
2023-10-24 18:36:55
almalinux
almalinux
Moderate: php:8.1 security update
2024-01-24 00:00:00
Important: php security update
2023-10-19 00:00:00
Important: php:8.0 security update
2023-10-19 00:00:00
redhat
redhat
(RHSA-2024:0387) Moderate: php:8.1 security update
2024-01-24 09:41:37
(RHSA-2023:5926) Important: php security update
2023-10-19 12:43:29
(RHSA-2023:5927) Important: php:8.0 security update
2023-10-19 12:45:04
osv
osv
Important: php security update
2023-10-24 18:36:55
Important: php:8.0 security update
2023-10-24 18:35:47
Important: php security update
2023-10-19 00:00:00
oraclelinux
oraclelinux
php:8.1 security update
2024-01-25 00:00:00
php security update
2023-10-22 00:00:00
php:8.0 security update
2023-10-23 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0514-1)
2023-03-28 00:00:00
PHP < 8.0.28, 8.1.x < 8.1.16, 8.2.x < 8.2.3 Security Update - Linux
2023-02-15 00:00:00
Slackware: Security Advisory (SSA:2023-045-02)
2023-02-15 00:00:00
slackware
slackware
[slackware-security] php
2023-02-15 03:06:12
fedora
fedora
[SECURITY] Fedora 37 Update: php-8.1.16-1.fc37
2023-02-24 04:47:32
[SECURITY] Fedora 36 Update: php-8.1.16-1.fc36
2023-02-24 03:47:37
[SECURITY] Fedora 37 Update: php-8.1.22-1.fc37
2023-08-11 01:01:34
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.0 version 8.0.28-alt1
2023-02-21 00:00:00
Security fix for the ALT Linux 10 package php8.1 version 8.1.16-alt1
2023-02-17 00:00:00
Security fix for the ALT Linux 10 package php8.2 version 8.2.3-alt1
2023-02-21 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2023-02-28 00:00:00
PHP vulnerabilities
2024-02-27 00:00:00
PHP vulnerabilities
2023-08-23 00:00:00
mageia
mageia
Updated php packages fix security vulnerability
2023-02-27 23:27:16
Updated php packages fix security vulnerability
2023-08-23 22:56:41
cloudlinux
cloudlinux
php: Fix of 3 CVEs
2023-03-09 21:01:01
php: Fix of 2 CVEs
2023-08-21 15:39:32
debian
debian
[SECURITY] [DSA 5363-1] php7.4 security update
2023-02-24 19:21:41
[SECURITY] [DLA 3345-1] php7.3 security update
2023-02-26 22:00:42
[SECURITY] [DLA 3555-1] php7.3 security update
2023-09-05 21:02:07
redos
redos
ROS-20230418-02
2023-04-18 00:00:00
thn
thn
LockBit Ransomware Group Resurfaces After Law Enforcement Takedown
2024-02-26 04:57:00
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
2024-02-20 05:25:00
githubexploit
githubexploit
ubuntucve
ubuntucve
cvelist
cvelist
Buffer overflow and overread in phar_dir_read()
2023-08-11 05:48:34
Security issue with external entity loading in XML without enabling it
2023-08-11 05:42:25
Array overrun in common path resolve code
2023-02-16 06:34:04
cbl_mariner
cbl_mariner
CVE-2023-3824 affecting package php for versions less than 8.1.22-1
2023-09-13 02:10:38
CVE-2023-0568 affecting package php for versions less than 8.1.16-1
2023-03-09 00:25:04
alpinelinux
alpinelinux
prion
prion
Design/Logic Flaw
2023-02-16 07:15:00
Authentication flaw
2023-07-22 05:15:00
Design/Logic Flaw
2023-02-16 07:15:00
cve
cve
redhatcve
redhatcve
debiancve
debiancve
veracode
veracode
Authentication Bypass
2023-02-17 10:36:14
Buffer Overflow
2023-08-06 12:58:00
Incorrect Calculation Of Buffer Size
2023-02-17 10:23:44
krebs
krebs
f5
f5
K000134747 : PHP vulnerability CVE-2023-0568
2023-05-23 00:00:00
K000133753 : PHP vulnerability CVE-2023-0662
2023-05-01 00:00:00
cnvd
cnvd
PHP buffer overflow vulnerability (CNVD-2023-64640)
2023-08-15 00:00:00