14 matches found
Advisory ROSA-SA-2025-2570
software: php 7.4.33 WASP: ROSA-CHROME packageevrstring: php-7.4.33-11 CVE-ID: CVE-2022-4900 BDU-ID: 2023-02666 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the phpcliserverstartupworkers sapi/cli/phpcliserver.c function of the PHP programming language interpreter is related to an operation...
Debian dla-3920 : libapache2-mod-php7.4 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3920 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3920-1 [email protected]...
RHEL 9 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - php: potential buffer overflow in phpcliserverstartupworkers CVE-2022-4900 Note that Nessus has not tested for this...
Ubuntu: Security Advisory (USN-6757-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : PHP vulnerabilities (USN-6757-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6757-2 advisory. USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu...
Ubuntu: Security Advisory (USN-6757-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6757-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled PHPCLISERVERWORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2022-4900 It was discovered that PHP incorrectly handled certain...
Amazon Linux 2 : php (ALASPHP8.0-2024-010)
The version of php installed on the remote host is prior to 8.0.24-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.0-2024-010 advisory. 2024-02-15: CVE-2022-31629 was added to this advisory. 2024-02-15: CVE-2022-31628 was added to this advisory. In PHP...
CVE-2022-4900
CVE-2022-4900 is a PHP heap-buffer overflow caused by setting PHP_CLI_SERVER_WORKERS to a large value. From connected sources, IBM Storage Sentinel Anomaly Scan Engine 1.1 and Debian/IBM advisories confirm the issue affects PHP and can enable a local denial-of-service condition. Remediation in th...
SUSE SLES12: apache2-mod_php74 / php74 / php74-bcmath / php74-bz2 / etc (SUSE-SU-2023:1847-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1847-1 advisory. - CVE-2022-4900: Fixed potential buffer overflow via PHPCLISERVERWORKERS environment variable. bsc1209537 Tenable has extracted the precedin...
SUSE-SU-2023:1847-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2022-4900: Fixed potential buffer overflow via PHPCLISERVERWORKERS environment variable. bsc1209537...
SUSE-SU-2023:1846-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2022-4900: Fixed potential buffer overflow via PHPCLISERVERWORKERS environment variable. bsc1209537...
openSUSE 15 Security Update : php7 (SUSE-SU-2023:1583-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:1583-1 advisory. - CVE-2022-4900: Fixed potential buffer overflow via PHPCLISERVERWORKERS environment variable. bsc1209537 Tenable has extracted the preceding description blo...
SUSE-SU-2023:1583-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2022-4900: Fixed potential buffer overflow via PHPCLISERVERWORKERS environment variable. bsc1209537...