BIT-PHP-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

PHP 8.0.x < 8.0.29 Information Disclosure

According to its self-reported version number, the version of PHP installed on the remote host is 8.0.x prior to 8.0.29, 8.1.x prior to 8.1.20, or 8.2.x prior to 8.2.7. It is, therefore, affected by an information disclosure vulnerability. The random byte generation function used in the SOAP HTTP...

K000133753: PHP vulnerability CVE-2023-0662

Security Advisory Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU...

Debian DSA-5363-1 : php7.4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5363 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2023:0513-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0513-1 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, passwordverify functio...

Fedora 37 : php (2023-452714dbc6)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-452714dbc6 advisory. PHP version 8.1.16 14 Feb 2023 Core: Fixed bug php81744 Passwordverify always return true with some hash. CVE-2023-0567. Tim Dsterhus Fixed bug...

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

CVE-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

CVE-2023-0567 password_verify() always returns true for some invalid hashes

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, passwordverify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid...

PHP 8.0.x < 8.0.28

The version of PHP installed on the remote host is prior to 8.0.28. It is, therefore, affected by a vulnerability as referenced in the Version 8.0.28 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high...

PHP 8.0.x < 8.0.27 Integer Overflow

According to its self-reported version number, the version of PHP installed on the remote host is 8.0.x prior to 8.0.27, 8.1.x prior to 8.1.14, or 8.2.x prior to 8.2.1. It is, therefore, affected by an integer overflow. Note that the scanner has not tested for these issues but has instead relied...

PHP 7.4.x < 7.4.32 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 7.4.x prior to 7.4.32, 8.0.x prior to 8.0.24, or 8.1.x prior to 8.1.11. It is, therefore, affected by multiple vulnerabilities: - The phar uncompressor code would recursively uncompress quines gzip...

CVE-2021-21708 UAF due to php_filter_float() failing

In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTERVALIDATEFLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in...

PHP 8.0.x < 8.0.13 Local File Inclusion

According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x prior to 7.3.33, 7.4.x prior to 7.4.26 or 8.0.x prior to 8.0.13. It is, therefore, affected by a local file inclusion vulnerability due to NULL byte special character breaking the path in x...