ImageMagick 代码注入漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a code injection vulnerability. This vulnerability stemmed from the ps...

php: pgsql extension does not check for errors during escaping

A flaw was found in PHP. Missing error checking could result in SQL injection, and missing error handling could lead to crashes due to null pointer dereferences...

RHEL 8 : php:7.4 (RHSA-2026:2470)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2470 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap...

ALSA-2026:1412 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...

php: pgsql extension does not check for errors during escaping

A flaw was found in PHP. Missing error checking could result in SQL injection, and missing error handling could lead to crashes due to null pointer dereferences...

BIT-LIBPHP-2025-1735 pgsql extension does not check for errors during escaping

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

pgsql extension does not check for errors during escaping

...

Security update for php8

This update for php8 fixes the following issues: Version update to 8.2.29: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extensi...

SUSE-SU-2025:02474-1 Security update for php8

This update for php8 fixes the following issues: Version update to 8.2.29: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP...

SUSE-SU-2025:02473-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML...

Security update for php8

This update for php8 fixes the following issues: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

SUSE-SU-2025:02463-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML...

Security update for php8

This update for php8 fixes the following issues: Version update to 8.3.23: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extensi...

SUSE-SU-2025:02462-1 Security update for php8

This update for php8 fixes the following issues: Version update to 8.3.23: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP...

golang: html/template: improper handling of special tags within script contexts

A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...

golang: html/template: improper handling of special tags within script contexts

A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...