7 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-3823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables...
BIT-PHP-MIN-2023-3823 Security issue with external entity loading in XML without enabling it
In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling...
Debian dsa-5660 : libapache2-mod-php7.4 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5660 advisory. - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables...
Amazon Linux 2 : php (ALASPHP8.0-2023-009)
The version of php installed on the remote host is prior to 8.0.30-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.0-2023-009 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixe...
AZL-63085 CVE-2023-3823 affecting package php for versions less than 8.2.8-1
In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling...
AZL-27962 CVE-2023-3823 affecting package php for versions less than 8.1.22-1
In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling...
PT-2023-5956 · Php +11 · Php +11
Name of the Vulnerable Software and Affected Versions: PHP versions 8.0. through 8.0.29 PHP versions 8.1. through 8.1.21 PHP versions 8.2. through 8.2.7 Description: The issue is related to the way PHP's XML functions rely on libxml global state to track configuration variables. This state can be...