PHP 8.2.x < 8.2.18 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.2.18. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.2.18 advisory. - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard...

CVE-2023-29020

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF Cross-Site Request Forger protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport in affected versions, can be bypassed by network and same-site attackers...

PHP 7.4.x < 7.4.32 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 7.4.x prior to 7.4.32, 8.0.x prior to 8.0.24, or 8.1.x prior to 8.1.11. It is, therefore, affected by multiple vulnerabilities: - The phar uncompressor code would recursively uncompress quines gzip...

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...