13 matches found
php:8.2 security update
An update is available for php, php-pecl-rrd, module.php, module.php-pecl-xdebug3, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a...
ALSA-2026:22142 Important: php:8.3 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...
OESA-2026-2420 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
CVE-2026-7258 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-7258 vulnerabilities
Vulnerabilities for packages: php...
SUSE-SU-2026:1958-1 Security update for php8
This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...
SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...
[SECURITY] [DLA 4586-1] php7.4 security update
Debian LTS Advisory DLA-4586-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 16, 2026 https://wiki.debian.org/LTS Package : php7.4 Version : 7.4.33-1+deb11u11 CVE ID : CVE-2026-6722 CVE-2026-6735 CVE-2026-7258 CVE-2026-7261 CVE-2026-7262 CVE-2026-7568 Debian...
CVE-2026-7258 affecting package php for versions less than 8.3.31-1
CVE-2026-7258 affecting package php for versions less than 8.3.31-1. A patched version of the package is available...
DEBIAN-CVE-2026-7258
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...
UBUNTU-CVE-2026-7258
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...
CVE-2026-7258
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...
BELL-CVE-2026-7258
Bulletin has no description...