11 matches found
EUVD-2021-8876
Malicious code in bioql PyPI...
Amazon Linux 2 : php (ALASPHP8.0-2023-008)
The version of php installed on the remote host is prior to 8.0.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.0-2023-008 advisory. Several flaws has been found in php. The pdofirebase module does not check the length of the server version string in a...
EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2022-1089)
According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious...
CVE-2021-21704
CVE-2021-21704 involves PHP’s Firebird PDO driver extension. When using affected PHP versions, a malicious server can cause crashes in database functions (e.g., getAttribute(), execute(), fetch()) by returning invalid response data not parsed correctly by the driver, leading to crashes, denial of...
CVE-2021-21704
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute, execute, fetch and others by returning invalid response data that is not...
Amazon Linux AMI : php73 (ALAS-2021-1532)
The version of php73 installed on the remote host is prior to 7.3.29-1.30. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1532 advisory. Several flaws has been found in php. The pdofirebase module does not check the length of the server version string in a...
SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2021:2795-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2795-1 advisory. - CVE-2021-21704: Fixed security issues in pdofirebase module bsc1188035. Tenable has extracted the preceding description block directly fro...
SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2021:2637-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2637-1 advisory. - CVE-2021-21704: Fixed security issues in pdofirebase module bsc1188035. - CVE-2021-21705: Fixed SSRF bypass in FILTERVALIDATEURL bsc1188037...
[SECURITY] [DSA 4935-1] php7.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4935-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2021 https://www.debian.org/security/faq -...
CVE-2021-21704
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute, execute, fetch and others by returning invalid response data that is not...
UBUNTU-CVE-2021-21704
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute, execute, fetch and others by returning invalid response data that is not...