158 matches found
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...
SUSE CVE-2023-0568
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...
PT-2025-6266 · Fortinet · Fortiportal
Name of the Vulnerable Software and Affected Versions: FortiPortal versions 7.0.0 through 7.0.11; FortiPortal versions 7.2.0 through 7.2.6; FortiPortal versions 7.4.0 through 7.4.2. Description: An Improper Resolution of Path Equivalence issue may allow a remote unauthenticated attacker to retrieve...
CVE-2022-0855
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcsplugin prior to 0.0.4...
BIT-PHP-MIN-2023-0568 Array overrun in common path resolve code
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...
PT-2025-1216 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to the MapUrlToZone component of the Windows operating system, which is associated with incorrect path equivalence resolution. This can allow a remote attacker to bypas...
php: 1-byte array overrun in common path resolve code
A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte too small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...
openSUSE: Security Advisory for cargo (SUSE-SU-2024:3748-1)
The remote host is missing an update for the...
openSUSE 15 Security Update : cargo-c (SUSE-SU-2024:3748-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:3748-1 advisory. Security fixes: - CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: - Update to version 0.10.3git0.ee7d7ef: Tenable has extract...
Security update for cargo-c
This update for cargo-c fixes the following issues: Security fixes: CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: Update to version 0.10.3git0.ee7d7ef: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2024:3748-1 Security update for cargo-c
This update for cargo-c fixes the following issues: Security fixes: - CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: - Update to version 0.10.3git0.ee7d7ef:...
CVE-2024-45405
Technical details about CVE-2024-45405 are not provided in the connected documents. Public details in the initial entry describe the issue and patch, but no additional technical specifics are available here. Monitor for updates.
CVE-2024-45405 gix-path improperly resolves configuration path reported by Git
gix-path is a crate of the gitoxide project (an implementation of git written in Rust) dealing with paths and their conversions. Prior to version 0.10.11, gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or...
CVE-2024-45405
gix-path is a crate of the gitoxide project (an implementation of git written in Rust) dealing with paths and their conversions. Prior to version 0.10.11, gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or...
gix-path improperly resolves configuration path reported by Git
Summary: gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a local attacker to inject configuration leading to code execution. Details: In gix_path::env, th...
[SECURITY] Fedora 40 Update: rust-uu_readlink-0.0.23-3.fc40
readlink uutils display resolved path of PATHNAME...
BIT-PHP-2023-0568 Array overrun in common path resolve code
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...
Heap Buffer Overflow
libminizip-ng.so is vulnerable to Heap Buffer Overflow. The vulnerability is due to the mz_path_resolve function in mz_os.c because there is no boundary checking during the backward search for slashes in the path resolution function. This allows an attacker to craft a file with a specially structured...