38 matches found
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
SUSE: Security Advisory (SUSE-SU-2020:1546-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1714-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1545-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1661-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: php:7.3 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...
ALSA-2020:3662 Moderate: php:7.3 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...
EulerOS Virtualization for ARM 64 3.0.6.0 : php (EulerOS-SA-2020-1895)
According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1821)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM API Connect V5 is vulnerable to denial of service (PHP CVE-2019-11048)
Summary IBM API Connect had addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11048 DESCRIPTION: PHP is vulnerable to a denial of service, caused by a flaw in the php-src/main/rfc1867.c. By uploading a specially crafted file, a remote attacker could exploit this...
Amazon Linux AMI : php72, php73 (ALAS-2020-1397)
The version of php72 installed on the remote host is prior to 7.2.31-1.23. The version of php73 installed on the remote host is prior to 7.3.19-1.26. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1397 advisory. In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18...
openSUSE Security Update : php7 (openSUSE-2020-847)
This update for php7 fixes the following issues : Security issue fixed : - CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads bsc1171999. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The...
Medium: php72, php73
Issue Overview: In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request,...
SUSE SLES12 Security Update : php5 (SUSE-SU-2020:1714-1)
This update for php5 fixes the following issues : CVE-2020-7064: Fixed a one byte read of uninitialized memory in exifreaddata bsc1168326. CVE-2020-7066: Fixed URL truncation getheaders if the URL contains zero \0 character bsc1168352. CVE-2019-11048: Improved the handling of overly long filename...
Debian DSA-4719-1 : php7.3 - security update
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this...
SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:1661-2)
This update for php7 fixes the following issues : Security issue fixed : CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads bsc1171999. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE SLES15 Security Update : php7 (SUSE-SU-2020:1661-1)
This update for php7 fixes the following issues : Security issue fixed : CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads bsc1171999. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE-SU-2020:1661-2 Security update for php7
This update for php7 fixes the following issues: Security issue fixed: - CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads bsc1171999...