Lucene search

K
osvGoogleOSV:USN-5300-2
HistoryMar 03, 2022 - 1:58 p.m.

php7.2, php7.4 vulnerabilities

2022-03-0313:58:39
Google
osv.dev
6

7.8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.1%

USN-5300-1 fixed vulnerabilities in PHP. This update provides the
corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

Original advisory details:

It was discovered that PHP incorrectly handled certain scripts.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120)

It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly obtain sensitive information. (CVE-2017-9119)

It was discovered that PHP incorrectly handled certain scripts with XML
parsing functions.
An attacker could possibly use this issue to obtain sensitive information.
(CVE-2021-21707)