13 matches found
php: pgsql extension does not check for errors during escaping
A flaw was found in PHP. Missing error checking could result in SQL injection, and missing error handling could lead to crashes due to null pointer dereferences...
Important: Red Hat Security Advisory: php:8.2 security update
An update for the php:8.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
PHP 8.3.x < 8.3.23 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.33, 8.2.x prior to 8.2.29, 8.3.x prior to 8.3.23, or 8.4.x prior to 8.4.10. It is, therefore, affected by multiple vulnerabilities: - pgsql extension does not check for errors duri...
PHP 8.4.x < 8.4.10 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.33, 8.2.x prior to 8.2.29, 8.3.x prior to 8.3.23, or 8.4.x prior to 8.4.10. It is, therefore, affected by multiple vulnerabilities: - pgsql extension does not check for errors duri...
PHP 8.1.x < 8.1.33 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.33, 8.2.x prior to 8.2.29, 8.3.x prior to 8.3.23, or 8.4.x prior to 8.4.10. It is, therefore, affected by multiple vulnerabilities: - pgsql extension does not check for errors duri...
PHP 8.2.x < 8.2.29 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.33, 8.2.x prior to 8.2.29, 8.3.x prior to 8.3.23, or 8.4.x prior to 8.4.10. It is, therefore, affected by multiple vulnerabilities: - pgsql extension does not check for errors duri...
MGASA-2025-0203 Updated php packages fix security vulnerabilities
PGSQL: Fixed GHSA-hrwm-9436-5mv3 pgsql extension does not check for errors during escaping. CVE-2025-1735 SOAP: Fixed GHSA-453j-q27h-5p8x NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix. CVE-2025-6491 Standard: Fixed GHSA-3cr5-j632-f35r Null byte termination in...
Updated php packages fix security vulnerabilities
PGSQL: Fixed GHSA-hrwm-9436-5mv3 pgsql extension does not check for errors during escaping. CVE-2025-1735 SOAP: Fixed GHSA-453j-q27h-5p8x NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix. CVE-2025-6491 Standard: Fixed GHSA-3cr5-j632-f35r Null byte termination in...
[slackware-security] php
New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.33-i586-1slack15.0.txz: Upgraded. This update fixes security issues: PGSQL: Fixed pgsql extension does not check for errors during...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Null Pointer Dereference
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Moderate: Red Hat Security Advisory: php55 security and bug fix update
Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Amazon Linux AMI : php56 (ALAS-2015-511)
A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. CVE-2015-1351 A NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pginsert or pgselect could...