74 matches found
MiracleLinux 8 : php:7.4 (AXSA:2022-3814:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3814:01 advisory. php: uninitialized array in pgqueryparams leading to RCE CVE-2022-31625 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 7 : rh-php73-php-7.3.33-1.el7 (AXSA:2022-3369:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3369:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 php: Local privilege escalation via PHP-FPM CVE-2021-21703...
Amazon Linux 2 : php (ALAS-2023-2375)
The version of php installed on the remote host is prior to 5.4.16-46. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2375 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5...
Rocky Linux 8 : php:7.4 (RLSA-2022:6158)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6158 advisory. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the...
Important: php
Issue Overview: A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw...
Rocky Linux 9 : php (RLSA-2022:8197)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8197 advisory. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the...
[SECURITY] [DLA 3243-1] php7.3 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3243-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 15, 2022 https://wiki.debian.org/LTS -...
Oracle Linux 9 : php (ELSA-2022-8197)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8197 advisory. 8.0.20-3 - snmp3 calls using authPriv or authNoPriv immediately return false 2104630 8.0.20-2 - fix patch41 not applied use system nikic/php-parser whe...
SUSE: Security Advisory (SUSE-SU-2022:4069-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4068-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:3997-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: php security, bug fix, and enhancement update
An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
RLSA-2022:8197 Moderate: php security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2095752 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...
ALSA-2022:8197 Moderate: php security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2095752 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...
CentOS 8 : php:8.0 (CESA-2022:7624)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7624 advisory. - php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 - php: Uninitialized array in pgqueryparams leading to RCE CVE-2022-31625...
Moderate: Red Hat Security Advisory: php:8.0 security, bug fix, and enhancement update
An update for the php:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:7624 Moderate: php:8.0 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2100876 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...
Moderate: php:8.0 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2100876 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...
ALSA-2022:7624 Moderate: php:8.0 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2100876 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...
EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2022-2582)
According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying...