OPENSUSE-SU-2026:10595-1 php8-8.5.5-1.1 on GA media

These are all security issues fixed in the php8-8.5.5-1.1 package on the GA media of openSUSE Tumbleweed...

Security update for php8 (moderate)

openSUSE security update: security update for php8 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20113-1 Rating: moderate References: bsc1255043 bsc1255710 bsc1255711 bsc1255712 Cross-References: CVE-2025-14177 CVE-2025-14178 CVE-2025-14180 CVSS...

openSUSE 15 Security Update : php8 (SUSE-SU-2026:0071-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0071-1 advisory. Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk...

EUVD-2023-2702

Malicious code in bioql PyPI...

MINI-7V2Q-CXXP-PHP8

Bulletin has no description...

openSUSE Security Advisory (SUSE-SU-2025:02474-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : php8 (SUSE-SU-2025:02474-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02474-1 advisory. Version update to 8.2.29: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixe...

SUSE: Security Advisory (SUSE-SU-2025:02463-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : php8 (SUSE-SU-2025:02462-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02462-1 advisory. Version update to 8.3.23: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql...

CVE-2023-29009

baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0...

openSUSE Security Advisory (SUSE-SU-2025:1012-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : php8 (SUSE-SU-2025:1012-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1012-1 advisory. - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2024-11235:...

SUSE: Security Advisory (SUSE-SU-2025:0994-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:1012-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1219: Fixed libxml streams using wrong...

SUSE-SU-2025:0994-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

php8-8.3.19-1.1 on GA media (moderate)

php8-8.3.19-1.1 on GA media Announcement ID: openSUSE-SU-2025:14895-1 Rating: moderate Cross-References: CVE-2024-11235 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Affected Products: openSUSE Tumbleweed An update that solves 6 vulnerabilities can now be installed...

SUSE SLES15 / openSUSE 15 Security Update : php8 (SUSE-SU-2024:4136-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4136-1 advisory. - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. - CVE-2024-11234:...

SUSE SLES15 / openSUSE 15 Security Update : php8 (SUSE-SU-2024:4215-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4215-1 advisory. - CVE-2024-11233: buffer overread when processing input with the convert.quoted-printable-decode filter. bsc1233702 -...

openSUSE Security Advisory (SUSE-SU-2024:4215-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:4215-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2024-11233: buffer overread when processing input with the convert.quoted-printable-decode filter. bsc1233702 - CVE-2024-11234: possible CRLF injection in URIs when a proxy is configured in a stream context. bsc1233703 - CVE-2024-8929: data...