3 matches found
BIT-PHP-MIN-2026-7258 Out-of-bounds read in urldecode() on NetBSD
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-005265)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005265 advisory. In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when t...
PHP 8.5.x < 8.5.1 Multiple Vulnerabilities - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...