17 matches found
Fedora: Security Advisory (FEDORA-2024-3891a08c9e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: php (CVE-2024-11236)
The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11236 advisory. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to...
K000149655: PHP vulnerabilities CVE-2024-11236, CVE-2024-8929, CVE-2024-8932
Security Advisory Description CVE-2024-11236 In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. CVE-2024-8929 In PHP versions 8.1...
CVE-2024-11236 affecting package php for versions less than 8.3.14-1
CVE-2024-11236 affecting package php for versions less than 8.3.14-1. An upgraded version of the package is available that resolves this issue...
Ubuntu: Security Advisory (USN-7153-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : PHP vulnerabilities (USN-7157-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7157-1 advisory. It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters...
Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerability (USN-7153-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7153-1 advisory. It was discovered that PHP incorrectly handled long string inputs in two database drivers. An attacker could possibly use this issue to write files in...
CBL Mariner 2.0 Security Update: php (CVE-2024-11236)
The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11236 advisory. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to...
Debian: Security Advisory (DLA-3986-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-11236 affecting package php for versions less than 8.1.31-1
CVE-2024-11236 affecting package php for versions less than 8.1.31-1. An upgraded version of the package is available that resolves this issue...
Fedora: Security Advisory (FEDORA-2024-e0d390d35b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2024-327-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-11236 vulnerabilities
Vulnerabilities for packages: php...
CVE-2024-11236 Integer overflow in the firebird and dblib quoters causing OOB writes
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2024-11236 Integer overflow in the firebird and dblib quoters causing OOB writes
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2024-11236 Integer overflow in the firebird and dblib quoters causing OOB writes
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2024-11236
CVE-2024-11236 affects PHP versions with ldap_escape() on 32-bit systems where uncontrolled long inputs can overflow an integer, causing an out-of-bounds write. Affected are PHP 8.1.x before 8.1.31, 8.2.x before 8.2.26, and 8.3.x before 8.3.14. The issue is described in multiple sources, includin...