Oracle Linux 9 : php:8.2 (ELSA-2026-1409)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1409 advisory. php 8.2.30-1 - rebase to 8.2.30 php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip Tenable has extracted the preceding description block directly...

Oracle Linux 9 : php:8.3 (ELSA-2026-1429)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1429 advisory. php 8.3.29-1 - rebase to 8.3.29 php-pecl-apcu php-pecl-redis6 php-pecl-rrd php-pecl-xdebug3 php-pecl-zip Tenable has extracted the preceding descriptio...

EUVD-2016-8254

Malware in sbrugna...

EUVD-2022-5878

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-7398

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP...

CVE-2016-7398

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

php:8.1 security update

php 8.1.32-1 - rebase to 8.1.32 php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip:...

Linux Distros Unpatched Vulnerability : CVE-2017-5630

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote...

php:8.1 security update

php 8.1.30-1 - rebase to 8.1.30 RHEL-64144 php-pecl-apcu 5.1.21-1 - update to 5.1.21 for PHP 8.1 2070040 php-pecl-rrd php-pecl-xdebug3 3.1.4-1 - update to 3.1.4 for PHP 8.1 2070040 php-pecl-zip 1.20.1-1 - update to 1.20.1 for PHP 8.1 2070040...

Oracle Linux 8 : php:8.2 (ELSA-2024-10951)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10951 advisory. libzip php 8.2.25-1 - rebase to 8.2.25 RHEL-66166 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip Tenable has extracted the precedin...

php:8.2 security update

php 8.2.25-1 - rebase to 8.2.25 RHEL-65837 php-pecl-apcu 5.1.23-1 - update to 5.1.23 for PHP 8.2 RHEL-14699 php-pecl-rrd php-pecl-xdebug3 3.2.2-2 - drop inetntoa usage using upstream patch 3.2.2-1 - update to 3.2.2 for PHP 8.2 RHEL-14699 php-pecl-zip 1.22.3-1 - update to 1.22.3 for PHP 8.2...

php:8.2 security update

libzip php 8.2.25-1 - rebase to 8.2.25 RHEL-66166 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...

RHSA-2012:0811 Red Hat Security Advisory: php-pecl-apc security, bug fix, and enhancement update

Bulletin has no description...

Insecure Deserialization in TYPO3 CMS

It has been discovered that the Form Framework system extension "form" is vulnerable to Insecure Deserialization when being used with the additional PHP PECL package “yaml”, which is capable of unserializing YAML contents to PHP objects. A valid backend user account as well as having PHP setting...

RHEL 6 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: Unsafe deserialization of data in ArchiveTar class CVE-2018-1000888 - PECL in the download...

TYPO3 CMS Insecure Deserialization

It has been discovered that the Form Framework system extension form is vulnerable to Insecure Deserialization when being used with the additional PHP PECL package yaml, which is capable of unserializing YAML contents to PHP objects. A valid backend user account as well as having PHP setting...

openSUSE: Security Advisory for php8 (SUSE-SU-2022:3198-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

php:8.0 security update

libzip php 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...

Amazon Linux AMI : php55-pecl-imagick (ALAS-2023-1812)

The version of php55-pecl-imagick installed on the remote host is prior to 3.4.4-2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1812 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....

Amazon Linux AMI : php72-pecl-imagick (ALAS-2023-1815)

The version of php72-pecl-imagick installed on the remote host is prior to 3.4.4-2.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1815 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....