2 matches found
Security update for php8
This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...
Key Exchange without Entity Authentication
Overview Affected versions of this package are vulnerable to Key Exchange without Entity Authentication in the SFTP implementation in the wolfSSH backend. An attacker can intercept or manipulate data in transit by performing a man-in-the-middle attack. Note: This issue affects only users that bui...