OPENSUSE-SU-2024:11168-1 php7-pear-1.10.21-1.2 on GA media

These are all security issues fixed in the php7-pear-1.10.21-1.2 package on the GA media of openSUSE Tumbleweed...

SUSE: Security Advisory (SUSE-SU-2021:3018-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : php7-pear (openSUSE-SU-2021:1267-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1267-1 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issu...

openSUSE: Security Advisory for php7-pear (openSUSE-SU-2021:1267-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:1267-1 Security update for php7-pear

This update for php7-pear fixes the following issues: - CVE-2020-36193: Fixed ArchiveTar directory traversal due to inadequate checking of symbolic links bsc1189591. This update was imported from the SUSE:SLE-15-SP2:Update update project...

Security update for php7-pear (important)

openSUSE Security Update: Security update for php7-pear Announcement ID: openSUSE-SU-2021:1267-1 Rating: important References: 1189591 Cross-References: CVE-2020-36193 CVSS scores: CVE-2020-36193 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36193 SUSE: 7.5...

openSUSE 15 Security Update : php7-pear (openSUSE-SU-2021:3018-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3018-1 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issu...

openSUSE: Security Advisory for php7-pear (openSUSE-SU-2021:3018-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : php7-pear (SUSE-SU-2021:3018-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:3018-1 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue t...

OPENSUSE-SU-2021:3018-1 Security update for php7-pear

This update for php7-pear fixes the following issues: - CVE-2020-36193: Fixed ArchiveTar directory traversal due to inadequate checking of symbolic links bsc1189591...

SUSE-SU-2021:3018-1 Security update for php7-pear

This update for php7-pear fixes the following issues: - CVE-2020-36193: Fixed ArchiveTar directory traversal due to inadequate checking of symbolic links bsc1189591...

Security update for php7-pear (important)

openSUSE Security Update: Security update for php7-pear Announcement ID: openSUSE-SU-2021:3018-1 Rating: important References: 1189591 Cross-References: CVE-2020-36193 CVSS scores: CVE-2020-36193 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36193 SUSE: 7.5...

Amazon Linux AMI : php7-pear (ALAS-2021-1481)

The version of php7-pear installed on the remote host is prior to 1.10.12-5.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1481 advisory. Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic...

Medium: php7-pear

Issue Overview: Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links. cve-2020-36193 Affected Packages: php7-pear Issue Correction: Run yum update php7-pear or yum update --advisory ALAS-2021-1481 to update your system...

Medium: php7-pear

Issue Overview: ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite...

Amazon Linux AMI : php7-pear (ALAS-2021-1466)

The version of php7-pear installed on the remote host is prior to 1.10.12-4.30. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1466 advisory. ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...

openSUSE Security Update : php7 (openSUSE-2017-994)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...

Security update for php7 (important)

This update for php7 fixes the following issues: - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...