29 matches found
MiracleLinux 8 : php:7.4 (AXSA:2022-4415:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4415:01 advisory. php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php-pear:...
Linux Distros Unpatched Vulnerability : CVE-2021-32610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. CVE-2021-32610 Note...
RHEL 6 : php-pear (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 - In ArchiveTar before 1.4.14, symlinks can...
RHEL 7 : php-pear (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 - In ArchiveTar before 1.4.14, symlinks can...
openSUSE: Security Advisory for php8 (SUSE-SU-2022:3198-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2021-32610
In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193...
openSUSE 15 Security Update : php8-pear (SUSE-SU-2022:3198-2)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:3198-2 advisory. - Add php8-pear to SLE15-SP4 jscSLE-24728 - Update to 1.10.21 - PEAR 1.10.13 unsupported protocol - use --force to continue Add $this operator to...
Oracle Linux 8 : php:7.4 (ELSA-2022-7628)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7628 advisory. - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 - fix SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 - fix...
AlmaLinux 8 : php:7.4 (ALSA-2022:7628)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7628 advisory. php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php-pear:...
Moderate: Red Hat Security Advisory: php:7.4 security, bug fix, and enhancement update
An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:7628 Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.30, php-pear 1.10.13. BZ2055422 Security Fixes: php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free...
ALSA-2022:7628 Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.30, php-pear 1.10.13. BZ2055422 Security Fixes: php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free...
Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.30, php-pear 1.10.13. BZ2055422 Security Fixes: php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free...
SUSE: Security Advisory (SUSE-SU-2022:3198-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : php8-pear (SUSE-SU-2022:3198-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3198-1 advisory. - Add php8-pear to SLE15-SP4 jscSLE-24728 - Update to 1.10.21 - PEAR 1.10.13 unsupported protocol - use --force to continue Add $this operat...
Security Bulletin: IBM API Connect is impacted by a vulnerability in Drupal core (CVE-2021-32610)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2021-32610 DESCRIPTION: Drupal Core could allow a remote attacker to execute arbitrary code on the system, caused by the use of the third-party PEAR ArchiveTar library. By persuading a victim to...
EulerOS 2.0 SP8 : php-pear (EulerOS-SA-2021-2480)
According to the versions of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193...
Huawei EulerOS: Security Advisory for php-pear (EulerOS-SA-2021-2480)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : php-pear (ALAS-2021-1708)
The version of php-pear installed on the remote host is prior to 1.10.12-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1708 advisory. In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than...
Medium: php-pear
Issue Overview: In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. CVE-2021-32610 Affected Packages: php-pear Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section fo...