RHSA-2016:2598 Red Hat Security Advisory: php security and bug fix update

Bulletin has no description...

RHSA-2015:0021 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2014:1327 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2013:1813 Red Hat Security Advisory: php53 and php security update

Bulletin has no description...

RHSA-2013:1825 Red Hat Security Advisory: php53 security update

Bulletin has no description...

RHSA-2013:1824 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2012:0570 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2007:0163 Red Hat Security Advisory: php security update for Stronghold

Bulletin has no description...

RHSA-2006:0730 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2006:0568 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2004:392 Red Hat Security Advisory: php security update

Bulletin has no description...

[SECURITY] [DLA 3833-1] php7.3 security update

Debian LTS Advisory DLA-3833-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 17, 2024 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u7 CVE ID : CVE-2024-5458 Debian Bug : 1072885 PHP, a widely-used open source general purpose scripting...

OPENSUSE-SU-2024:11638-1 php8-8.0.13-1.1 on GA media

These are all security issues fixed in the php8-8.0.13-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2024-5585

The CVE-2024-5585 issue affects PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, and 8.3.* before 8.3.8. It is a follow-on to CVE-2024-1874: the fix for that vulnerability does not work when the command name includes trailing spaces while using proc_open() with array syntax, enabling potent...

WordPress Responsive Addons plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-3096

In PHP version 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, if a password stored with passwordhash starts with a null byte \x00, testing a blank string as the password via passwordverify will incorrectly return true...

CVE-2024-2757

In PHP 8.3. before 8.3.5, function mbencodemimeheader runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function...

CVE-2024-1874

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...

CVE-2024-2757

In PHP 8.3. before 8.3.5, function mbencodemimeheader runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function...

PHP < 8.1.28, 8.2.x < 8.2.18, 8.3.x < 8.3.6 Security Update (GHSA-h746-cjrr-wfmr) - Linux

PHP is prone to a vulnerability in passwordverify. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...