54 matches found
MiracleLinux 7 : php-5.4.16-48.0.1.el7.AXS7 (AXSA:2024-8915:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8915:02 advisory. CVE-2020-7071: fix URL validation with functions like filtervar$url, FILTERVALIDATEURL CVE-2021-21705: fix URL validation functionality via filterva...
Linux Distros Unpatched Vulnerability : CVE-2020-7071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an U...
CVE-2020-7071 affecting package php 7.4.14-3
CVE-2020-7071 affecting package php 7.4.14-3. This CVE either no longer is or was never applicable...
SUSE: Security Advisory (SUSE-SU-2022:4069-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4068-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2022:4069-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4069-1 advisory. - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input...
Mageia: Security Advisory (MGASA-2021-0025)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202105-23 : PHP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202105-23 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers and bugs referenced below for details. Impact : Please review the referenced CVE identifiers and bugs...
Oracle Linux 8 : php:7.4 (ELSA-2021-4213)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4213 advisory. libzip php 7.4.19-1 - rebase to 7.4.19 1944110 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Moderate: Red Hat Security Advisory: php:7.4 security, bug fix, and enhancement update
An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2021:4213 Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.19. BZ1944110 Security Fixes: php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 php: FILTERVALIDATEURL...
RLSA-2021:4213 Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.19. BZ1944110 Security Fixes: php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 php: FILTERVALIDATEURL...
Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.19. BZ1944110 Security Fixes: php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 php: FILTERVALIDATEURL...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
RHEL 7 : rh-php73-php (RHSA-2021:2992)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2992 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later...
Moderate: Red Hat Security Advisory: rh-php73-php security, bug fix, and enhancement update
An update for rh-php73-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
Ubuntu 16.04 ESM : PHP vulnerabilities (USN-5006-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5006-2 advisory. USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
Ubuntu: Security Advisory (USN-5006-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5006-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-7068 It wa...