php:7.4 security update

An update is available for module.libzip, module.php-pecl-apcu, module.php-pecl-zip, php-pecl-rrd, module.php-pear, module.php-pecl-rrd, php-pecl-zip, php-pecl-xdebug, php, module.php-pecl-xdebug, libzip, module.php, php-pecl-apcu, php-pear. This update affects Rocky Linux 8. A Common Vulnerabili...

php:8.2 security update

An update is available for module.libzip, module.php-pecl-apcu, module.php-pecl-xdebug3, module.php-pecl-zip, php-pecl-rrd, module.php-pear, module.php-pecl-rrd, php-pecl-zip, php, libzip, module.php, php-pecl-apcu, php-pecl-xdebug3, php-pear. This update affects Rocky Linux 8. A Common...

RHSA-2024:10951 Red Hat Security Advisory: php:8.2 security update

Bulletin has no description...

RHSA-2024:10950 Red Hat Security Advisory: php:8.1 security update

Bulletin has no description...

php:7.4 security update

libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.33-2 - fix low/moderate CVEs RHEL-66589 - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered CVE-2024-9026 - Fix Erroneous parsing of...

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

CVE-2024-52385

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpmart Team Member team-showcase-supreme.This issue affects Team Member: from n/a through = 7.4...

OESA-2024-2478 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

PHP 8.1.x < 8.1.31 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.31, 8.2.x prior to 8.2.26, or 8.3.x prior to 8.3.14. It is, therefore, affected by multiple vulnerabilities: - OOB access in ldapescape. CVE-2024-8932 - Leak partial content of the...

CVE-2024-8932

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...

CVE-2024-51754

Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...

[SECURITY] [DLA 3920-1] php7.4 security update

Debian LTS Advisory DLA-3920-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin October 14, 2024 https://wiki.debian.org/LTS Package : php7.4 Version : 7.4.33-1+deb11u6 CVE ID : CVE-2022-4900 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026 Debian Bug : 10728...

OESA-2024-2248 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVE-2024-8927

In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, HTTPREDIRECTSTATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP...

K000141355: Multiple PHP vulnerabilities

Security Advisory Description CVE-2016-4342 ext/phar/pharobject.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact v...

RHSA-2017:3221 Red Hat Security Advisory: php security update

Bulletin has no description...