5 matches found
Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2025-872)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-872 advisory. The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode...
USN-7643-1 libsoup3, libsoup2.4 vulnerabilities
Jan Różański discovered that libsoup incorrectly handled range headers in an HTTP request. An attacker could possibly use this issue to cause libsoup to consume excessive memory, resulting in a denial of service. CVE-2025-32907 Alon Zahavi discovered that libsoup incorrectly handled memory when...
python-tornado security update
6.4.2-2.2 - tests: add citest.fmf + update gating.yaml Related: RHEL-91999 6.4.2-2.1 - httputil: Raise errors instead of logging in multipart/form-data parsing Resolves: RHEL-91999...
USN-7049-3 php5 vulnerabilities
USN-7049-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled parsing multipart form data.A remote attacker could possibly use this issue to inject payloads and cause PHP to...
DEBIAN-CVE-2024-8925
In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to control part of the submitted data being able to...