Unity Linux 20.1060e / 20.1070e Security Update: php (UTSA-2026-017556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017556 advisory. In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root a...

Oracle Linux 9 : php (ELSA-2022-8197)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8197 advisory. 8.0.20-3 - snmp3 calls using authPriv or authNoPriv immediately return false 2104630 8.0.20-2 - fix patch41 not applied use system nikic/php-parser whe...

PHP Code Issues Vulnerabilities

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHP community. The language is primarily used for web development and supports a variety of databases and operating systems. A code issue exists in Php SoapClient, which can be...

Medium: php73

Issue Overview: In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exifreaddata function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...

CVE-2020-7059

When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...