PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, 7.3.x < 7.3.6 Multiple Vulnerabilities - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

MGASA-2020-0134 Updated libgd packages fix security vulnerability

The updated packages fix a security vulnerability: When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t...

Information Disclosure

PHP is vulnerable to Information disclosure. When an attacker supplies malicious data, it causes the funciton gdImageCreateFromXbm to use the value of uninitialized variable...

gd: Information disclosure in gdImageCreateFromXbm()

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

Medium: php71, php72, php73

Issue Overview: Function iconvmimedecodeheaders in PHP may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.CVE-2019-11039 When using gdImageCreateFromXbm function of PHP gd extension, it is possible to supply data that...

PHP GD Extension Input Validation Error Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems.EXIF extension is one of the...

DEBIAN-CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

Code injection

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

PHP 7.2.x < 7.2.19 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.30, 7.2.x prior to 7.2.19 or 7.3.x prior to 7.3.6. It is, therefore, affected by the following vulnerabilities: - An uninitialized read vulnerability exists in gdImageCreateFromXbm due to sscanf...

PHP 7.3.x < 7.3.6 Multiple Vulnerabilities.

According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.6. It is, therefore, affected by the following vulnerabilities: - An uninitialized vulnerability exists in gdImageCreateFromXbm due to sscanf method not being able to read a hex value. An attacker m...

PHP 7.2.x < 7.2.19 Multiple Vulnerabilities.

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.19. It is, therefore, affected by the following vulnerabilities: - An uninitialized vulnerability exists in gdImageCreateFromXbm due to sscanf method not being able to read a hex value. An attacker...