115 matches found
RHSA-2021:2992 Red Hat Security Advisory: rh-php73-php security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2019:3736 Red Hat Security Advisory: php:7.3 security update
Bulletin has no description...
Sensitive Information Disclosure
zendframework/zend-developer-tools is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a change made during the update to support PHP 7.3 that potentially prevents toolbar entries, which are enabled by default, from being disabled. The attacker can exploit this by...
Zend-developer-tools information disclosure vulnerability
The package zendframework/zend-developer-tools provides a web-based toolbar for introspecting an application. When updating the package to support PHP 7.3, a change was made that could potentially prevent toolbar entries that are enabled by default from being disabled...
DLA-3810-1 php7.3 - security update
Bulletin has no description...
Important: php73
Issue Overview: A flaw was discovered in the link function in PHP. When compiled on Windows, it does not correctly handle paths containing NULL bytes. An attacker could abuse this flaw to bypass application checks on file paths. CVE-2019-11044 In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.1...
Rocky Linux 8 : php:7.3 (RLSA-2019:3736)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2019:3736 advisory. - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to writ...
Ubuntu 16.04 ESM / 18.04 ESM : Oniguruma vulnerabilities (USN-5662-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5662-1 advisory. It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial...
DLA-3555-1 php7.3 - security update
Bulletin has no description...
[SECURITY] [DLA 3458-1] php7.3 security update
Debian LTS Advisory DLA-3458-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 20, 2023 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u4 CVE ID : CVE-2023-3247 Niels Dossche and Tim Düsterhus discovered that PHP's implementation of the SOA...
DLA-3458-1 php7.3 - security update
Bulletin has no description...
DLA-3345-1 php7.3 - security update
Bulletin has no description...
K45991967: PHP vulnerability CVE-2020-7060
Security Advisory Description: When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may...
Mageia: Security Advisory (MGASA-2019-0053)
The remote host is missing an update for the...
PHP 7.3.x < 7.3.33 Local File Inclusion
According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x prior to 7.3.33, 7.4.x prior to 7.4.26 or 8.0.x prior to 8.0.13. It is, therefore, affected by a local file inclusion vulnerability due to NULL byte special character breaking the path in x...
DSA-4993-1 php7.3 - security update
Bulletin has no description...
PHP 7.3.x < 7.3.31 Path Traversal
According to its self-reported version number, the version of PHP installed on the remote host is 7.3.x prior to 7.3.31, 7.4.x prior to 7.4.24, or 8.x prior to 8.0.11. It is, therefore, affected by a path traversal via ZipArchive::extractTo. Note that the scanner has not tested for these issues b...
DSA-4935-1 php7.3 - security update
Bulletin has no description...
PHP 7.3.x < 7.3.28 Header Injection Vulnerability
According to its self-reported version number, the version of PHP installed on the remote host is 7.3.x prior to 7.3.28, 7.4.x prior to 7.4.18, or 8.x prior to 8.0.5. It is, therefore, affected by a header injection via imap_mail_compose. Note that the scanner has not tested for these issues but ha...
[SECURITY] [DSA 4856-1] php7.3 security update
Debian Security Advisory DSA-4856-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 17, 2021 https://www.debian.org/security/faq ...