20 matches found
SUSE CVE-2026-24894
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
GO-2026-4489 FrankenPHP leaks session data between requests in worker mode in github.com/dunglas/frankenphp
FrankenPHP leaks session data between requests in worker mode in github.com/dunglas/frankenphp...
CVE-2026-24894
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
CVE-2026-24894
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
CVE-2026-24894
FrankenPHP in worker mode prior to 1.11.2 does not reset the PHP $_SESSION between requests, allowing a subsequent request on the same worker to read the previous request’s session data before session_start() is called. This could expose potentially sensitive session information across users. The...
CVE-2026-24894 FrankenPHP leaks session data between requests in worker mode
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
CVE-2026-24894
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
CVE-2026-24894 FrankenPHP leaks session data between requests in worker mode
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
CVE-2026-24894 FrankenPHP leaks session data between requests in worker mode
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration via the frankenphpresetsuperglobals reset logic. An attacker can access sensitive session data belonging to other users by sending a request to a worker before sessionstart is called. note: This is only...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration via the frankenphpresetsuperglobals reset logic. An attacker can access sensitive session data belonging to other users by sending a request to a worker before sessionstart is called. note: This is only...
GHSA-R3XH-3R3W-47GP FrankenPHP leaks session data between requests in worker mode
Summary When running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potentially belonging to a different user before sessionstart is...
FrankenPHP leaks session data between requests in worker mode
Summary When running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potentially belonging to a different user before sessionstart is...
PT-2026-7871
Name of the Vulnerable Software and Affected Versions FrankenPHP versions prior to 1.11.2 Description FrankenPHP, when running in worker mode, does not correctly reset the $ SESSION superglobal between requests. This allows a subsequent request processed by the same worker to access the $ SESSION...
FrankenPHP 代码问题漏洞
FrankenPHP is an open-source PHP application server developed by phpnet. Versions of FrankenPHP prior to 1.11.2 had code vulnerabilities. These vulnerabilities stemmed from the fact that, when running in worker mode, the $SESSION superglobal variable was not properly reset between requests,...
VulnCheck KEV: CVE-2019-0211
Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute code with the privileges of the parent process usually root by manipulating the scoreboard...
Option to Install Veeam ONE Agent is Unavailable (Greyed Out)
Challenge When attempting to install the Veeam ONE Agent on a Veeam Backup Server, theInstall agent option is unavailable and greyed out. Cause There are several possible causes for this issue: The Veeam ONE Agent is already installed on the Veeam Backup & Replication Server. The Veeam ONE Server...
OPENSUSE-SU-2019:2556-1 Security update for haproxy
This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...
SUSE-SU-2019:3002-1 Security update for haproxy
This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...
SUSE-SU-2019:3001-1 Security update for haproxy
This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...