prod

Laravel Blog PHP 7.2

69 vulnerabilities found across 8 packages

2 abandoned packages found



Last scan: 23 hours ago



low  CVE-2024-50345: Open redirect via browser-sanitized URLs
Affected versions: >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Patched versions: 5.4.46 6.4.14 7.1.7 https://symfony.com/cve-2024-50345


high  CVE-2024-51736: Command execution hijack on Windows with Process class
Affected versions: >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Patched versions: 5.4.46 6.4.14 7.1.7 https://symfony.com/cve-2024-51736


high  Laravel environment manipulation via query string
Affected versions: >=11.0.0,<11.31.0|>=10.0.0,<10.48.23|>=9.0.0,<9.52.17|>=8.0.0,<8.83.28|>=7.0.0,<7.30.7|<6.20.45
Patched versions: 6.20.45 7.30.7 8.83.28 9.52.17 10.48.23 11.31.0 https://github.com/advisories/GHSA-gv7v-rgg6-548h


high  Symfony's VarDumper vulnerable to unsafe deserialization
Affected versions: >=7.0.0,<7.0.4|<6.4.4
Patched versions: 6.4.4 7.0.4 https://github.com/advisories/GHSA-cg28-v4wq-whv5


high  league/commonmark's quadratic complexity bugs may lead to a denial of service
Affected versions: <2.6.0
Patched versions: 2.6.0 https://github.com/advisories/GHSA-c2pc-g5qf-rfrf


medium  Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale
Affected versions: <2.72.6|>=3.0.0,<3.8.4
Patched versions: 3.8.4 2.72.6 https://github.com/advisories/GHSA-j3f9-p6hm-5w6q


critical  ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161.
* [http://www.openwall.com/lists/oss-security/2016/04/24/1](http://www.openwall.com/lists/oss-security/2016/04/24/1)
* [http://www.php.net/ChangeLog-5.php](http://www.php.net/ChangeLog-5.php)
* [https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817](https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817)
* [https://bugs.php.net/bug.php?id=64938](https://bugs.php.net/bug.php?id=64938)
* [http://www.securityfocus.com/bid/87470](http://www.securityfocus.com/bid/87470)
* [http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html](http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html)
* [http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html](http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html)
* [http://www.ubuntu.com/usn/USN-2952-1](http://www.ubuntu.com/usn/USN-2952-1)
* [http://www.ubuntu.com/usn/USN-2952-2](http://www.ubuntu.com/usn/USN-2952-2)
* [http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html](http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html)
* [http://rhn.redhat.com/errata/RHSA-2016-2750.html](http://rhn.redhat.com/errata/RHSA-2016-2750.html)
* [http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=de31324c221c1791b26350ba106cc26bad23ace9](http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=de31324c221c1791b26350ba106cc26bad23ace9)

critical  The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
* [https://bugs.php.net/bug.php?id=74577](https://bugs.php.net/bug.php?id=74577)
* [http://www.securityfocus.com/bid/98518](http://www.securityfocus.com/bid/98518)

critical  exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.
* [https://bugs.php.net/bug.php?id=76409](https://bugs.php.net/bug.php?id=76409)
* [http://www.securityfocus.com/bid/104551](http://www.securityfocus.com/bid/104551)
* [https://usn.ubuntu.com/3702-1/](https://usn.ubuntu.com/3702-1/)
* [https://usn.ubuntu.com/3702-2/](https://usn.ubuntu.com/3702-2/)
* [https://security.netapp.com/advisory/ntap-20181109-0001/](https://security.netapp.com/advisory/ntap-20181109-0001/)

critical  In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
* [https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba](https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba)
* [https://bugs.php.net/bug.php?id=75981](https://bugs.php.net/bug.php?id=75981)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://www.securityfocus.com/bid/103204](http://www.securityfocus.com/bid/103204)
* [https://usn.ubuntu.com/3600-1/](https://usn.ubuntu.com/3600-1/)
* [https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html](https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html)
* [https://www.tenable.com/security/tns-2018-03](https://www.tenable.com/security/tns-2018-03)
* [https://usn.ubuntu.com/3600-2/](https://usn.ubuntu.com/3600-2/)
* [https://www.exploit-db.com/exploits/44846/](https://www.exploit-db.com/exploits/44846/)
* [https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html](https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html)
* [https://www.debian.org/security/2018/dsa-4240](https://www.debian.org/security/2018/dsa-4240)
* [http://www.securitytracker.com/id/1041607](http://www.securitytracker.com/id/1041607)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)

critical  When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
* [https://bugs.php.net/bug.php?id=77950](https://bugs.php.net/bug.php?id=77950)
* [http://www.securityfocus.com/bid/108177](http://www.securityfocus.com/bid/108177)
* [https://security.netapp.com/advisory/ntap-20190517-0003/](https://security.netapp.com/advisory/ntap-20190517-0003/)
* [https://usn.ubuntu.com/3566-2/](https://usn.ubuntu.com/3566-2/)
* [https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html](https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html)
* [https://usn.ubuntu.com/4009-1/](https://usn.ubuntu.com/4009-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://seclists.org/bugtraq/2019/Sep/35](https://seclists.org/bugtraq/2019/Sep/35)
* [https://www.debian.org/security/2019/dsa-4527](https://www.debian.org/security/2019/dsa-4527)
* [https://seclists.org/bugtraq/2019/Sep/38](https://seclists.org/bugtraq/2019/Sep/38)
* [https://www.debian.org/security/2019/dsa-4529](https://www.debian.org/security/2019/dsa-4529)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BY2XUUAN277LS7HKAOGL4DVGAELOJV3/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BY2XUUAN277LS7HKAOGL4DVGAELOJV3/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NFXYNCXZCPYT7ZN4ZLI5EPQQW44FRRO/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NFXYNCXZCPYT7ZN4ZLI5EPQQW44FRRO/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WN2HLPGEZEF4MFM5YC5FILZB5QEQFP3A/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WN2HLPGEZEF4MFM5YC5FILZB5QEQFP3A/)

critical  Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
* [https://bugs.php.net/bug.php?id=78069](https://bugs.php.net/bug.php?id=78069)
* [http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html](http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://seclists.org/bugtraq/2019/Sep/35](https://seclists.org/bugtraq/2019/Sep/35)
* [https://www.debian.org/security/2019/dsa-4527](https://www.debian.org/security/2019/dsa-4527)
* [https://seclists.org/bugtraq/2019/Sep/38](https://seclists.org/bugtraq/2019/Sep/38)
* [https://www.debian.org/security/2019/dsa-4529](https://www.debian.org/security/2019/dsa-4529)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)

critical  When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
* [https://bugs.php.net/bug.php?id=77988](https://bugs.php.net/bug.php?id=77988)
* [http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html](http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://seclists.org/bugtraq/2019/Sep/35](https://seclists.org/bugtraq/2019/Sep/35)
* [https://www.debian.org/security/2019/dsa-4527](https://www.debian.org/security/2019/dsa-4527)
* [https://seclists.org/bugtraq/2019/Sep/38](https://seclists.org/bugtraq/2019/Sep/38)
* [https://www.debian.org/security/2019/dsa-4529](https://www.debian.org/security/2019/dsa-4529)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)

critical  In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
* [https://github.com/neex/phuip-fpizdam](https://github.com/neex/phuip-fpizdam)
* [https://bugs.php.net/bug.php?id=78599](https://bugs.php.net/bug.php?id=78599)
* [https://usn.ubuntu.com/4166-1/](https://usn.ubuntu.com/4166-1/)
* [https://usn.ubuntu.com/4166-2/](https://usn.ubuntu.com/4166-2/)
* [https://www.debian.org/security/2019/dsa-4553](https://www.debian.org/security/2019/dsa-4553)
* [https://www.debian.org/security/2019/dsa-4552](https://www.debian.org/security/2019/dsa-4552)
* [https://security.netapp.com/advisory/ntap-20191031-0003/](https://security.netapp.com/advisory/ntap-20191031-0003/)
* [https://access.redhat.com/errata/RHSA-2019:3287](https://access.redhat.com/errata/RHSA-2019:3287)
* [https://access.redhat.com/errata/RHSA-2019:3286](https://access.redhat.com/errata/RHSA-2019:3286)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://access.redhat.com/errata/RHSA-2019:3300](https://access.redhat.com/errata/RHSA-2019:3300)
* [http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html](http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html)
* [https://access.redhat.com/errata/RHSA-2019:3724](https://access.redhat.com/errata/RHSA-2019:3724)
* [https://access.redhat.com/errata/RHSA-2019:3735](https://access.redhat.com/errata/RHSA-2019:3735)
* [https://access.redhat.com/errata/RHSA-2019:3736](https://access.redhat.com/errata/RHSA-2019:3736)
* [https://www.synology.com/security/advisory/Synology_SA_19_36](https://www.synology.com/security/advisory/Synology_SA_19_36)
* [http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html](http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html)
* [https://support.apple.com/kb/HT210919](https://support.apple.com/kb/HT210919)
* [https://seclists.org/bugtraq/2020/Jan/44](https://seclists.org/bugtraq/2020/Jan/44)
* [http://seclists.org/fulldisclosure/2020/Jan/40](http://seclists.org/fulldisclosure/2020/Jan/40)
* [https://access.redhat.com/errata/RHSA-2020:0322](https://access.redhat.com/errata/RHSA-2020:0322)
* [http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html](http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://support.f5.com/csp/article/K75408500?utm_source=f5support&amp%3Butm_medium=RSS](https://support.f5.com/csp/article/K75408500?utm_source=f5support&amp%3Butm_medium=RSS)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/)

critical  A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
* [https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55](https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55)
* [https://lists.debian.org/debian-lts-announce/2019/07/msg00013.html](https://lists.debian.org/debian-lts-announce/2019/07/msg00013.html)
* [https://usn.ubuntu.com/4088-1/](https://usn.ubuntu.com/4088-1/)
* [https://support.f5.com/csp/article/K00103182](https://support.f5.com/csp/article/K00103182)
* [https://security.gentoo.org/glsa/201911-03](https://security.gentoo.org/glsa/201911-03)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5/)
* [https://support.f5.com/csp/article/K00103182?utm_source=f5support&amp%3Butm_medium=RSS](https://support.f5.com/csp/article/K00103182?utm_source=f5support&amp%3Butm_medium=RSS)

critical  An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
* [https://bugs.php.net/bug.php?id=77249](https://bugs.php.net/bug.php?id=77249)
* [https://bugs.php.net/bug.php?id=77242](https://bugs.php.net/bug.php?id=77242)
* [http://www.securityfocus.com/bid/107156](http://www.securityfocus.com/bid/107156)
* [https://www.debian.org/security/2019/dsa-4398](https://www.debian.org/security/2019/dsa-4398)
* [https://usn.ubuntu.com/3902-1/](https://usn.ubuntu.com/3902-1/)
* [https://usn.ubuntu.com/3902-2/](https://usn.ubuntu.com/3902-2/)
* [https://security.netapp.com/advisory/ntap-20190321-0001/](https://security.netapp.com/advisory/ntap-20190321-0001/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)

critical  An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
* [https://bugs.php.net/bug.php?id=77247](https://bugs.php.net/bug.php?id=77247)
* [http://www.securityfocus.com/bid/107156](http://www.securityfocus.com/bid/107156)
* [http://www.securityfocus.com/bid/106747](http://www.securityfocus.com/bid/106747)
* [https://www.debian.org/security/2019/dsa-4398](https://www.debian.org/security/2019/dsa-4398)
* [https://usn.ubuntu.com/3902-1/](https://usn.ubuntu.com/3902-1/)
* [https://usn.ubuntu.com/3902-2/](https://usn.ubuntu.com/3902-2/)
* [https://security.netapp.com/advisory/ntap-20190321-0001/](https://security.netapp.com/advisory/ntap-20190321-0001/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)

critical  An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
* [https://bugs.php.net/bug.php?id=77418](https://bugs.php.net/bug.php?id=77418)
* [https://bugs.php.net/bug.php?id=77394](https://bugs.php.net/bug.php?id=77394)
* [https://bugs.php.net/bug.php?id=77385](https://bugs.php.net/bug.php?id=77385)
* [https://bugs.php.net/bug.php?id=77382](https://bugs.php.net/bug.php?id=77382)
* [https://bugs.php.net/bug.php?id=77381](https://bugs.php.net/bug.php?id=77381)
* [https://bugs.php.net/bug.php?id=77371](https://bugs.php.net/bug.php?id=77371)
* [https://bugs.php.net/bug.php?id=77370](https://bugs.php.net/bug.php?id=77370)
* [http://www.securityfocus.com/bid/107156](http://www.securityfocus.com/bid/107156)
* [https://www.debian.org/security/2019/dsa-4398](https://www.debian.org/security/2019/dsa-4398)
* [https://usn.ubuntu.com/3902-1/](https://usn.ubuntu.com/3902-1/)
* [https://usn.ubuntu.com/3902-2/](https://usn.ubuntu.com/3902-2/)
* [https://security.netapp.com/advisory/ntap-20190321-0001/](https://security.netapp.com/advisory/ntap-20190321-0001/)
* [https://support.f5.com/csp/article/K06372014](https://support.f5.com/csp/article/K06372014)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)

critical  An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
* [https://bugs.php.net/bug.php?id=77509](https://bugs.php.net/bug.php?id=77509)
* [https://www.debian.org/security/2019/dsa-4403](https://www.debian.org/security/2019/dsa-4403)
* [https://usn.ubuntu.com/3922-1/](https://usn.ubuntu.com/3922-1/)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html)
* [https://usn.ubuntu.com/3922-2/](https://usn.ubuntu.com/3922-2/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html)
* [https://usn.ubuntu.com/3922-3/](https://usn.ubuntu.com/3922-3/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [https://security.netapp.com/advisory/ntap-20190502-0007/](https://security.netapp.com/advisory/ntap-20190502-0007/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)

critical  When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
* [https://bugs.php.net/bug.php?id=79099](https://bugs.php.net/bug.php?id=79099)
* [https://seclists.org/bugtraq/2020/Feb/27](https://seclists.org/bugtraq/2020/Feb/27)
* [https://www.debian.org/security/2020/dsa-4626](https://www.debian.org/security/2020/dsa-4626)
* [https://usn.ubuntu.com/4279-1/](https://usn.ubuntu.com/4279-1/)
* [https://seclists.org/bugtraq/2020/Feb/31](https://seclists.org/bugtraq/2020/Feb/31)
* [https://www.debian.org/security/2020/dsa-4628](https://www.debian.org/security/2020/dsa-4628)
* [https://security.netapp.com/advisory/ntap-20200221-0002/](https://security.netapp.com/advisory/ntap-20200221-0002/)
* [https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html](https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html)
* [http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html](http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html)
* [https://security.gentoo.org/glsa/202003-57](https://security.gentoo.org/glsa/202003-57)
* [https://www.oracle.com/security-alerts/cpujul2020.html](https://www.oracle.com/security-alerts/cpujul2020.html)
* [https://seclists.org/bugtraq/2021/Jan/3](https://seclists.org/bugtraq/2021/Jan/3)
* [https://www.oracle.com/security-alerts/cpuApr2021.html](https://www.oracle.com/security-alerts/cpuApr2021.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)

critical  When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
* [https://bugs.php.net/bug.php?id=79037](https://bugs.php.net/bug.php?id=79037)
* [https://seclists.org/bugtraq/2020/Feb/27](https://seclists.org/bugtraq/2020/Feb/27)
* [https://www.debian.org/security/2020/dsa-4626](https://www.debian.org/security/2020/dsa-4626)
* [https://usn.ubuntu.com/4279-1/](https://usn.ubuntu.com/4279-1/)
* [https://seclists.org/bugtraq/2020/Feb/31](https://seclists.org/bugtraq/2020/Feb/31)
* [https://www.debian.org/security/2020/dsa-4628](https://www.debian.org/security/2020/dsa-4628)
* [https://security.netapp.com/advisory/ntap-20200221-0002/](https://security.netapp.com/advisory/ntap-20200221-0002/)
* [https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html](https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html)
* [http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html](http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html)
* [https://security.gentoo.org/glsa/202003-57](https://security.gentoo.org/glsa/202003-57)
* [https://www.oracle.com/security-alerts/cpujul2020.html](https://www.oracle.com/security-alerts/cpujul2020.html)
* [https://seclists.org/bugtraq/2021/Jan/3](https://seclists.org/bugtraq/2021/Jan/3)
* [https://www.oracle.com/security-alerts/cpuApr2021.html](https://www.oracle.com/security-alerts/cpuApr2021.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)

critical  In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
* [https://bugs.php.net/bug.php?id=79171](https://bugs.php.net/bug.php?id=79171)
* [https://security.gentoo.org/glsa/202003-57](https://security.gentoo.org/glsa/202003-57)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)

critical  The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
* [https://news.ycombinator.com/item?id=33281106](https://news.ycombinator.com/item?id=33281106)
* [https://csrc.nist.gov/projects/hash-functions/sha-3-project](https://csrc.nist.gov/projects/hash-functions/sha-3-project)
* [https://mouha.be/sha-3-buffer-overflow/](https://mouha.be/sha-3-buffer-overflow/)
* [https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658](https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658)
* [https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html](https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html)
* [https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html](https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html)
* [https://www.debian.org/security/2022/dsa-5267](https://www.debian.org/security/2022/dsa-5267)
* [https://www.debian.org/security/2022/dsa-5269](https://www.debian.org/security/2022/dsa-5269)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/)
* [https://eprint.iacr.org/2023/331](https://eprint.iacr.org/2023/331)
* [https://news.ycombinator.com/item?id=35050307](https://news.ycombinator.com/item?id=35050307)
* [https://security.gentoo.org/glsa/202305-02](https://security.gentoo.org/glsa/202305-02)

critical  In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
* [https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv](https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv)
* [https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html](https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html)
* [https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/](https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/)
* [https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/](https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/)
* [https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/](https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/)
* [https://github.com/11whoami99/CVE-2024-4577](https://github.com/11whoami99/CVE-2024-4577)
* [https://github.com/xcanwin/CVE-2024-4577-PHP-RCE](https://github.com/xcanwin/CVE-2024-4577-PHP-RCE)
* [https://github.com/rapid7/metasploit-framework/pull/19247](https://github.com/rapid7/metasploit-framework/pull/19247)
* [https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/](https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/)
* [https://github.com/watchtowrlabs/CVE-2024-4577](https://github.com/watchtowrlabs/CVE-2024-4577)
* [https://www.php.net/ChangeLog-8.php#8.1.29](https://www.php.net/ChangeLog-8.php#8.1.29)
* [https://www.php.net/ChangeLog-8.php#8.2.20](https://www.php.net/ChangeLog-8.php#8.2.20)
* [https://www.php.net/ChangeLog-8.php#8.3.8](https://www.php.net/ChangeLog-8.php#8.3.8)
* [https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately](https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately)
* [https://isc.sans.edu/diary/30994](https://isc.sans.edu/diary/30994)
* [http://www.openwall.com/lists/oss-security/2024/06/07/1](http://www.openwall.com/lists/oss-security/2024/06/07/1)
* [https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/)
* [https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/)
* [https://security.netapp.com/advisory/ntap-20240621-0008/](https://security.netapp.com/advisory/ntap-20240621-0008/)
high  An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
* [https://bugs.php.net/bug.php?id=76249](https://bugs.php.net/bug.php?id=76249)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://www.securityfocus.com/bid/104019](http://www.securityfocus.com/bid/104019)
* [http://www.securitytracker.com/id/1040807](http://www.securitytracker.com/id/1040807)
* [https://usn.ubuntu.com/3646-1/](https://usn.ubuntu.com/3646-1/)
* [https://security.netapp.com/advisory/ntap-20180607-0003/](https://security.netapp.com/advisory/ntap-20180607-0003/)
* [https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html](https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html)
* [https://www.debian.org/security/2018/dsa-4240](https://www.debian.org/security/2018/dsa-4240)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://security.gentoo.org/glsa/201812-01](https://security.gentoo.org/glsa/201812-01)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
high  An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
* [https://bugs.php.net/bug.php?id=76248](https://bugs.php.net/bug.php?id=76248)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://www.securityfocus.com/bid/104019](http://www.securityfocus.com/bid/104019)
* [http://www.securitytracker.com/id/1040807](http://www.securitytracker.com/id/1040807)
* [https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html](https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html)
* [https://usn.ubuntu.com/3646-1/](https://usn.ubuntu.com/3646-1/)
* [https://usn.ubuntu.com/3646-2/](https://usn.ubuntu.com/3646-2/)
* [https://security.netapp.com/advisory/ntap-20180607-0003/](https://security.netapp.com/advisory/ntap-20180607-0003/)
* [https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html](https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html)
* [https://www.debian.org/security/2018/dsa-4240](https://www.debian.org/security/2018/dsa-4240)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://security.gentoo.org/glsa/201812-01](https://security.gentoo.org/glsa/201812-01)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://www.tenable.com/security/tns-2019-07](https://www.tenable.com/security/tns-2019-07)
high  An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.
* [https://bugs.php.net/bug.php?id=76130](https://bugs.php.net/bug.php?id=76130)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://www.securityfocus.com/bid/104019](http://www.securityfocus.com/bid/104019)
* [https://www.synology.com/support/security/Synology_SA_18_20](https://www.synology.com/support/security/Synology_SA_18_20)
* [http://www.securitytracker.com/id/1040807](http://www.securitytracker.com/id/1040807)
* [https://usn.ubuntu.com/3646-1/](https://usn.ubuntu.com/3646-1/)
* [https://security.netapp.com/advisory/ntap-20180607-0003/](https://security.netapp.com/advisory/ntap-20180607-0003/)
* [https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html](https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html)
* [https://www.debian.org/security/2018/dsa-4240](https://www.debian.org/security/2018/dsa-4240)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://security.gentoo.org/glsa/201812-01](https://security.gentoo.org/glsa/201812-01)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
high  An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
* [https://bugs.php.net/bug.php?id=76423](https://bugs.php.net/bug.php?id=76423)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html](https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html)
* [https://usn.ubuntu.com/3766-1/](https://usn.ubuntu.com/3766-1/)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://usn.ubuntu.com/3766-2/](https://usn.ubuntu.com/3766-2/)
* [http://www.securityfocus.com/bid/104871](http://www.securityfocus.com/bid/104871)
* [https://security.netapp.com/advisory/ntap-20181107-0003/](https://security.netapp.com/advisory/ntap-20181107-0003/)
* [https://www.debian.org/security/2018/dsa-4353](https://www.debian.org/security/2018/dsa-4353)
high  An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.
* [https://bugs.php.net/bug.php?id=75535](https://bugs.php.net/bug.php?id=75535)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [https://security.netapp.com/advisory/ntap-20181107-0003/](https://security.netapp.com/advisory/ntap-20181107-0003/)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
high  An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.
* [https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4](https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4)
* [https://bugs.php.net/bug.php?id=76459](https://bugs.php.net/bug.php?id=76459)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://security.netapp.com/advisory/ntap-20181107-0003/](https://security.netapp.com/advisory/ntap-20181107-0003/)
high  University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a "-oProxyCommand" argument.
* [https://www.openwall.com/lists/oss-security/2018/11/22/3](https://www.openwall.com/lists/oss-security/2018/11/22/3)
* [https://github.com/Bo0oM/PHP_imap_open_exploit/blob/master/exploit.php](https://github.com/Bo0oM/PHP_imap_open_exploit/blob/master/exploit.php)
* [https://bugs.php.net/bug.php?id=77160](https://bugs.php.net/bug.php?id=77160)
* [https://bugs.php.net/bug.php?id=77153](https://bugs.php.net/bug.php?id=77153)
* [https://bugs.php.net/bug.php?id=76428](https://bugs.php.net/bug.php?id=76428)
* [https://bugs.debian.org/913836](https://bugs.debian.org/913836)
* [https://bugs.debian.org/913835](https://bugs.debian.org/913835)
* [https://bugs.debian.org/913775](https://bugs.debian.org/913775)
* [https://antichat.com/threads/463395/#post-4254681](https://antichat.com/threads/463395/#post-4254681)
* [http://www.securitytracker.com/id/1042157](http://www.securitytracker.com/id/1042157)
* [http://www.securityfocus.com/bid/106018](http://www.securityfocus.com/bid/106018)
* [https://www.exploit-db.com/exploits/45914/](https://www.exploit-db.com/exploits/45914/)
* [https://www.debian.org/security/2018/dsa-4353](https://www.debian.org/security/2018/dsa-4353)
* [https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html](https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html)
* [https://security.netapp.com/advisory/ntap-20181221-0004/](https://security.netapp.com/advisory/ntap-20181221-0004/)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00001.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00001.html)
* [https://usn.ubuntu.com/4160-1/](https://usn.ubuntu.com/4160-1/)
* [https://security.gentoo.org/glsa/202003-57](https://security.gentoo.org/glsa/202003-57)
* [https://lists.debian.org/debian-lts-announce/2021/12/msg00031.html](https://lists.debian.org/debian-lts-announce/2021/12/msg00031.html)
* [https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e5bfea64c81ae34816479bb05d17cdffe45adddb](https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e5bfea64c81ae34816479bb05d17cdffe45adddb)
high  ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
* [https://bugs.php.net/bug.php?id=77020](https://bugs.php.net/bug.php?id=77020)
* [http://www.securityfocus.com/bid/106143](http://www.securityfocus.com/bid/106143)
* [https://www.debian.org/security/2018/dsa-4353](https://www.debian.org/security/2018/dsa-4353)
* [https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html](https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html)
* [https://security.netapp.com/advisory/ntap-20181221-0003/](https://security.netapp.com/advisory/ntap-20181221-0003/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
high  In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
* [https://bugs.php.net/bug.php?id=77143](https://bugs.php.net/bug.php?id=77143)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [https://usn.ubuntu.com/3566-2/](https://usn.ubuntu.com/3566-2/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
high  When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or a crash.
* [https://bugs.php.net/bug.php?id=78222](https://bugs.php.net/bug.php?id=78222)
* [https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html](https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html)
* [https://usn.ubuntu.com/4097-2/](https://usn.ubuntu.com/4097-2/)
* [https://usn.ubuntu.com/4097-1/](https://usn.ubuntu.com/4097-1/)
* [https://security.netapp.com/advisory/ntap-20190822-0003/](https://security.netapp.com/advisory/ntap-20190822-0003/)
* [https://seclists.org/bugtraq/2019/Sep/35](https://seclists.org/bugtraq/2019/Sep/35)
* [https://www.debian.org/security/2019/dsa-4527](https://www.debian.org/security/2019/dsa-4527)
* [https://seclists.org/bugtraq/2019/Sep/38](https://seclists.org/bugtraq/2019/Sep/38)
* [https://www.debian.org/security/2019/dsa-4529](https://www.debian.org/security/2019/dsa-4529)
* [http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html](http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html)
* [https://support.apple.com/kb/HT210634](https://support.apple.com/kb/HT210634)
* [https://seclists.org/bugtraq/2019/Oct/9](https://seclists.org/bugtraq/2019/Oct/9)
* [http://seclists.org/fulldisclosure/2019/Oct/15](http://seclists.org/fulldisclosure/2019/Oct/15)
* [http://seclists.org/fulldisclosure/2019/Oct/55](http://seclists.org/fulldisclosure/2019/Oct/55)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://support.apple.com/kb/HT210722](https://support.apple.com/kb/HT210722)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
high  When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or a crash.
* [https://bugs.php.net/bug.php?id=78256](https://bugs.php.net/bug.php?id=78256)
* [https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html](https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html)
* [https://usn.ubuntu.com/4097-2/](https://usn.ubuntu.com/4097-2/)
* [https://usn.ubuntu.com/4097-1/](https://usn.ubuntu.com/4097-1/)
* [https://security.netapp.com/advisory/ntap-20190822-0003/](https://security.netapp.com/advisory/ntap-20190822-0003/)
* [https://seclists.org/bugtraq/2019/Sep/35](https://seclists.org/bugtraq/2019/Sep/35)
* [https://www.debian.org/security/2019/dsa-4527](https://www.debian.org/security/2019/dsa-4527)
* [https://seclists.org/bugtraq/2019/Sep/38](https://seclists.org/bugtraq/2019/Sep/38)
* [https://www.debian.org/security/2019/dsa-4529](https://www.debian.org/security/2019/dsa-4529)
* [http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html](http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html)
* [https://support.apple.com/kb/HT210634](https://support.apple.com/kb/HT210634)
* [https://seclists.org/bugtraq/2019/Oct/9](https://seclists.org/bugtraq/2019/Oct/9)
* [http://seclists.org/fulldisclosure/2019/Oct/15](http://seclists.org/fulldisclosure/2019/Oct/15)
* [http://seclists.org/fulldisclosure/2019/Oct/55](http://seclists.org/fulldisclosure/2019/Oct/55)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://support.apple.com/kb/HT210722](https://support.apple.com/kb/HT210722)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
high  In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, the PHP link() function accepts filenames with an embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.
* [https://bugs.php.net/bug.php?id=78862](https://bugs.php.net/bug.php?id=78862)
* [https://security.netapp.com/advisory/ntap-20200103-0002/](https://security.netapp.com/advisory/ntap-20200103-0002/)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/)
high  gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
* [https://bugs.php.net/bug.php?id=77270](https://bugs.php.net/bug.php?id=77270)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://www.securityfocus.com/bid/106731](http://www.securityfocus.com/bid/106731)
* [https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html](https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html)
* [https://www.debian.org/security/2019/dsa-4384](https://www.debian.org/security/2019/dsa-4384)
* [https://usn.ubuntu.com/3900-1/](https://usn.ubuntu.com/3900-1/)
* [https://security.netapp.com/advisory/ntap-20190315-0003/](https://security.netapp.com/advisory/ntap-20190315-0003/)
* [https://security.gentoo.org/glsa/201903-18](https://security.gentoo.org/glsa/201903-18)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html)
* [http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html](http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html)
* [https://www.exploit-db.com/exploits/46677/](https://www.exploit-db.com/exploits/46677/)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/)
high  An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries.
* [https://bugs.php.net/bug.php?id=77369](https://bugs.php.net/bug.php?id=77369)
* [https://www.debian.org/security/2019/dsa-4398](https://www.debian.org/security/2019/dsa-4398)
* [https://usn.ubuntu.com/3902-1/](https://usn.ubuntu.com/3902-1/)
* [https://security.netapp.com/advisory/ntap-20190321-0001/](https://security.netapp.com/advisory/ntap-20190321-0001/)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html)
* [https://usn.ubuntu.com/3922-2/](https://usn.ubuntu.com/3922-2/)
* [https://usn.ubuntu.com/3922-3/](https://usn.ubuntu.com/3922-3/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://www.tenable.com/security/tns-2019-07](https://www.tenable.com/security/tns-2019-07)
high  An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
* [https://bugs.php.net/bug.php?id=77380](https://bugs.php.net/bug.php?id=77380)
* [http://www.securityfocus.com/bid/107156](http://www.securityfocus.com/bid/107156)
* [https://www.debian.org/security/2019/dsa-4398](https://www.debian.org/security/2019/dsa-4398)
* [https://usn.ubuntu.com/3902-1/](https://usn.ubuntu.com/3902-1/)
* [https://usn.ubuntu.com/3902-2/](https://usn.ubuntu.com/3902-2/)
* [https://security.netapp.com/advisory/ntap-20190321-0001/](https://security.netapp.com/advisory/ntap-20190321-0001/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
high  An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that the file being renamed is briefly available with the wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
* [https://bugs.php.net/bug.php?id=77630](https://bugs.php.net/bug.php?id=77630)
* [https://www.debian.org/security/2019/dsa-4403](https://www.debian.org/security/2019/dsa-4403)
* [https://usn.ubuntu.com/3922-1/](https://usn.ubuntu.com/3922-1/)
* [https://support.f5.com/csp/article/K53825211](https://support.f5.com/csp/article/K53825211)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html)
* [https://usn.ubuntu.com/3922-2/](https://usn.ubuntu.com/3922-2/)
* [https://usn.ubuntu.com/3922-3/](https://usn.ubuntu.com/3922-3/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [https://security.netapp.com/advisory/ntap-20190502-0007/](https://security.netapp.com/advisory/ntap-20190502-0007/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [https://www.tenable.com/security/tns-2019-07](https://www.tenable.com/security/tns-2019-07)
high  An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
* [https://bugs.php.net/bug.php?id=77563](https://bugs.php.net/bug.php?id=77563)
* [https://www.debian.org/security/2019/dsa-4403](https://www.debian.org/security/2019/dsa-4403)
* [https://usn.ubuntu.com/3922-1/](https://usn.ubuntu.com/3922-1/)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html)
* [https://usn.ubuntu.com/3922-2/](https://usn.ubuntu.com/3922-2/)
* [https://usn.ubuntu.com/3922-3/](https://usn.ubuntu.com/3922-3/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [https://security.netapp.com/advisory/ntap-20190502-0007/](https://security.netapp.com/advisory/ntap-20190502-0007/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
high  An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
* [https://bugs.php.net/bug.php?id=77659](https://bugs.php.net/bug.php?id=77659)
* [https://www.debian.org/security/2019/dsa-4403](https://www.debian.org/security/2019/dsa-4403)
* [https://usn.ubuntu.com/3922-1/](https://usn.ubuntu.com/3922-1/)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html)
* [https://usn.ubuntu.com/3922-2/](https://usn.ubuntu.com/3922-2/)
* [https://usn.ubuntu.com/3922-3/](https://usn.ubuntu.com/3922-3/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [https://security.netapp.com/advisory/ntap-20190502-0007/](https://security.netapp.com/advisory/ntap-20190502-0007/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
high  An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
* [https://bugs.php.net/bug.php?id=77540](https://bugs.php.net/bug.php?id=77540)
* [https://www.debian.org/security/2019/dsa-4403](https://www.debian.org/security/2019/dsa-4403)
* [https://usn.ubuntu.com/3922-1/](https://usn.ubuntu.com/3922-1/)
* [https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html](https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html)
* [https://usn.ubuntu.com/3922-2/](https://usn.ubuntu.com/3922-2/)
* [https://usn.ubuntu.com/3922-3/](https://usn.ubuntu.com/3922-3/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html](http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html)
* [https://security.netapp.com/advisory/ntap-20190502-0007/](https://security.netapp.com/advisory/ntap-20190502-0007/)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html)
* [http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html](http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
high  In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled but session.upload_progress.cleanup is set to 0 (disabled) and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter a null pointer dereference, which would likely lead to a crash.
* [https://bugs.php.net/bug.php?id=79221](https://bugs.php.net/bug.php?id=79221)
* [http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html](http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html)
* [https://security.gentoo.org/glsa/202003-57](https://security.gentoo.org/glsa/202003-57)
* [https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html](https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html)
* [https://usn.ubuntu.com/4330-1/](https://usn.ubuntu.com/4330-1/)
* [https://www.debian.org/security/2020/dsa-4717](https://www.debian.org/security/2020/dsa-4717)
* [https://www.debian.org/security/2020/dsa-4719](https://www.debian.org/security/2020/dsa-4719)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
high  In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), the urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.
* [https://bugs.php.net/bug.php?id=79465](https://bugs.php.net/bug.php?id=79465)
* [https://security.netapp.com/advisory/ntap-20200504-0001/](https://security.netapp.com/advisory/ntap-20200504-0001/)
* [https://www.debian.org/security/2020/dsa-4717](https://www.debian.org/security/2020/dsa-4717)
* [https://www.debian.org/security/2020/dsa-4719](https://www.debian.org/security/2020/dsa-4719)
* [https://www.oracle.com/security-alerts/cpuoct2020.html](https://www.oracle.com/security-alerts/cpuoct2020.html)
* [https://www.oracle.com/security-alerts/cpuApr2021.html](https://www.oracle.com/security-alerts/cpuApr2021.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
medium  The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
* [http://www.acid-root.new.fr/advisories/14070612.txt](http://www.acid-root.new.fr/advisories/14070612.txt)
* [http://securityreason.com/securityalert/2800](http://securityreason.com/securityalert/2800)
* [http://osvdb.org/39834](http://osvdb.org/39834)
* [https://exchange.xforce.ibmcloud.com/vulnerabilities/34836](https://exchange.xforce.ibmcloud.com/vulnerabilities/34836)
* [http://www.securityfocus.com/archive/1/471275/100/0/threaded](http://www.securityfocus.com/archive/1/471275/100/0/threaded)
* [http://www.securityfocus.com/archive/1/471204/100/0/threaded](http://www.securityfocus.com/archive/1/471204/100/0/threaded)
* [http://www.securityfocus.com/archive/1/471178/100/0/threaded](http://www.securityfocus.com/archive/1/471178/100/0/threaded)
medium  An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.
* [https://bugs.php.net/bug.php?id=75968](https://bugs.php.net/bug.php?id=75968)
* [https://bugs.php.net/bug.php?id=70185](https://bugs.php.net/bug.php?id=70185)
* [https://www.futureweb.at/security/CVE-2015-9253/](https://www.futureweb.at/security/CVE-2015-9253/)
* [https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8](https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8)
* [https://bugs.php.net/bug.php?id=73342](https://bugs.php.net/bug.php?id=73342)
* [https://github.com/php/php-src/pull/3287](https://github.com/php/php-src/pull/3287)
* [https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22](https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22)
* [https://usn.ubuntu.com/3766-1/](https://usn.ubuntu.com/3766-1/)
* [https://usn.ubuntu.com/4279-1/](https://usn.ubuntu.com/4279-1/)
medium  An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
* [https://bugs.php.net/bug.php?id=75605](https://bugs.php.net/bug.php?id=75605)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://www.securityfocus.com/bid/104022](http://www.securityfocus.com/bid/104022)
* [https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html](https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html)
* [https://usn.ubuntu.com/3646-1/](https://usn.ubuntu.com/3646-1/)
* [https://usn.ubuntu.com/3646-2/](https://usn.ubuntu.com/3646-2/)
* [https://security.netapp.com/advisory/ntap-20180607-0003/](https://security.netapp.com/advisory/ntap-20180607-0003/)
* [https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html](https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html)
* [https://www.debian.org/security/2018/dsa-4240](https://www.debian.org/security/2018/dsa-4240)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://security.gentoo.org/glsa/201812-01](https://security.gentoo.org/glsa/201812-01)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
medium  An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
* [https://bugs.php.net/bug.php?id=76129](https://bugs.php.net/bug.php?id=76129)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [http://www.securitytracker.com/id/1040807](http://www.securitytracker.com/id/1040807)
* [https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html](https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html)
* [https://usn.ubuntu.com/3646-1/](https://usn.ubuntu.com/3646-1/)
* [https://usn.ubuntu.com/3646-2/](https://usn.ubuntu.com/3646-2/)
* [https://security.netapp.com/advisory/ntap-20180607-0003/](https://security.netapp.com/advisory/ntap-20180607-0003/)
* [https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html](https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html)
* [https://www.debian.org/security/2018/dsa-4240](https://www.debian.org/security/2018/dsa-4240)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
medium  exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
* [https://bugs.php.net/bug.php?id=76557](https://bugs.php.net/bug.php?id=76557)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html](https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html)
* [https://usn.ubuntu.com/3766-1/](https://usn.ubuntu.com/3766-1/)
* [https://www.tenable.com/security/tns-2018-12](https://www.tenable.com/security/tns-2018-12)
* [https://usn.ubuntu.com/3766-2/](https://usn.ubuntu.com/3766-2/)
* [http://www.securityfocus.com/bid/104871](http://www.securityfocus.com/bid/104871)
* [https://security.netapp.com/advisory/ntap-20181107-0003/](https://security.netapp.com/advisory/ntap-20181107-0003/)
* [https://www.debian.org/security/2018/dsa-4353](https://www.debian.org/security/2018/dsa-4353)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
medium  The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
* [https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e](https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e)
* [https://bugs.php.net/bug.php?id=76582](https://bugs.php.net/bug.php?id=76582)
* [http://php.net/ChangeLog-7.php](http://php.net/ChangeLog-7.php)
* [http://php.net/ChangeLog-5.php](http://php.net/ChangeLog-5.php)
* [https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html](https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html)
* [https://security.netapp.com/advisory/ntap-20180924-0001/](https://security.netapp.com/advisory/ntap-20180924-0001/)
* [https://security.gentoo.org/glsa/201812-01](https://security.gentoo.org/glsa/201812-01)
* [https://www.debian.org/security/2018/dsa-4353](https://www.debian.org/security/2018/dsa-4353)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://www.tenable.com/security/tns-2019-07](https://www.tenable.com/security/tns-2019-07)
medium  When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of an uninitialized variable. This may lead to disclosing contents of the stack that have been left there by previous code.
* [https://bugs.php.net/bug.php?id=77973](https://bugs.php.net/bug.php?id=77973)
* [https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html](https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html)
* [https://bugzilla.redhat.com/show_bug.cgi?id=1724149](https://bugzilla.redhat.com/show_bug.cgi?id=1724149)
* [https://bugzilla.suse.com/show_bug.cgi?id=1140120](https://bugzilla.suse.com/show_bug.cgi?id=1140120)
* [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821)
* [https://github.com/libgd/libgd/issues/501](https://github.com/libgd/libgd/issues/501)
* [https://bugzilla.redhat.com/show_bug.cgi?id=1724432](https://bugzilla.redhat.com/show_bug.cgi?id=1724432)
* [https://bugzilla.suse.com/show_bug.cgi?id=1140118](https://bugzilla.suse.com/show_bug.cgi?id=1140118)
* [https://access.redhat.com/errata/RHSA-2019:2519](https://access.redhat.com/errata/RHSA-2019:2519)
* [https://seclists.org/bugtraq/2019/Sep/38](https://seclists.org/bugtraq/2019/Sep/38)
* [https://www.debian.org/security/2019/dsa-4529](https://www.debian.org/security/2019/dsa-4529)
* [https://access.redhat.com/errata/RHSA-2019:3299](https://access.redhat.com/errata/RHSA-2019:3299)
* [http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html](http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html)
* [https://usn.ubuntu.com/4316-2/](https://usn.ubuntu.com/4316-2/)
* [https://usn.ubuntu.com/4316-1/](https://usn.ubuntu.com/4316-1/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/)
medium  In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, the PHP DirectoryIterator class accepts filenames with an embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.
* [https://bugs.php.net/bug.php?id=78863](https://bugs.php.net/bug.php?id=78863)
* [https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html](https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html)
* [https://security.netapp.com/advisory/ntap-20200103-0002/](https://security.netapp.com/advisory/ntap-20200103-0002/)
* [https://usn.ubuntu.com/4239-1/](https://usn.ubuntu.com/4239-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html](http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html)
* [https://seclists.org/bugtraq/2020/Feb/27](https://seclists.org/bugtraq/2020/Feb/27)
* [https://www.debian.org/security/2020/dsa-4626](https://www.debian.org/security/2020/dsa-4626)
* [https://seclists.org/bugtraq/2020/Feb/31](https://seclists.org/bugtraq/2020/Feb/31)
* [https://www.debian.org/security/2020/dsa-4628](https://www.debian.org/security/2020/dsa-4628)
* [https://seclists.org/bugtraq/2021/Jan/3](https://seclists.org/bugtraq/2021/Jan/3)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/)
medium  In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying them with a string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can lead to disclosure of the content of some memory locations.
* [https://bugs.php.net/bug.php?id=78878](https://bugs.php.net/bug.php?id=78878)
* [https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html](https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html)
* [https://security.netapp.com/advisory/ntap-20200103-0002/](https://security.netapp.com/advisory/ntap-20200103-0002/)
* [https://usn.ubuntu.com/4239-1/](https://usn.ubuntu.com/4239-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html](http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html)
* [https://seclists.org/bugtraq/2020/Feb/27](https://seclists.org/bugtraq/2020/Feb/27)
* [https://www.debian.org/security/2020/dsa-4626](https://www.debian.org/security/2020/dsa-4626)
* [https://seclists.org/bugtraq/2020/Feb/31](https://seclists.org/bugtraq/2020/Feb/31)
* [https://www.debian.org/security/2020/dsa-4628](https://www.debian.org/security/2020/dsa-4628)
* [https://seclists.org/bugtraq/2021/Jan/3](https://seclists.org/bugtraq/2021/Jan/3)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/)
* [https://support.f5.com/csp/article/K48866433?utm_source=f5support&utm_medium=RSS](https://support.f5.com/csp/article/K48866433?utm_source=f5support&utm_medium=RSS)
medium  When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or a crash.
* [https://bugs.php.net/bug.php?id=78910](https://bugs.php.net/bug.php?id=78910)
* [https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html](https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html)
* [https://security.netapp.com/advisory/ntap-20200103-0002/](https://security.netapp.com/advisory/ntap-20200103-0002/)
* [https://usn.ubuntu.com/4239-1/](https://usn.ubuntu.com/4239-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html](http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html)
* [https://seclists.org/bugtraq/2020/Feb/27](https://seclists.org/bugtraq/2020/Feb/27)
* [https://www.debian.org/security/2020/dsa-4626](https://www.debian.org/security/2020/dsa-4626)
* [https://seclists.org/bugtraq/2020/Feb/31](https://seclists.org/bugtraq/2020/Feb/31)
* [https://www.debian.org/security/2020/dsa-4628](https://www.debian.org/security/2020/dsa-4628)
* [https://seclists.org/bugtraq/2021/Jan/3](https://seclists.org/bugtraq/2021/Jan/3)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/)
medium  In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead the PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by the upload request. This could potentially lead to an accumulation of uncleaned temporary files exhausting the disk space on the target server.
* [https://bugs.php.net/bug.php?id=78876](https://bugs.php.net/bug.php?id=78876)
* [https://bugs.php.net/bug.php?id=78875](https://bugs.php.net/bug.php?id=78875)
* [https://security.netapp.com/advisory/ntap-20200528-0006/](https://security.netapp.com/advisory/ntap-20200528-0006/)
* [https://usn.ubuntu.com/4375-1/](https://usn.ubuntu.com/4375-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00045.html](http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00045.html)
* [https://lists.debian.org/debian-lts-announce/2020/06/msg00033.html](https://lists.debian.org/debian-lts-announce/2020/06/msg00033.html)
* [https://www.debian.org/security/2020/dsa-4717](https://www.debian.org/security/2020/dsa-4717)
* [https://www.debian.org/security/2020/dsa-4719](https://www.debian.org/security/2020/dsa-4719)
* [https://www.oracle.com/security-alerts/cpuoct2020.html](https://www.oracle.com/security-alerts/cpuoct2020.html)
* [https://www.oracle.com/security-alerts/cpuApr2021.html](https://www.oracle.com/security-alerts/cpuApr2021.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/)
medium  When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or a crash.
* [https://bugs.php.net/bug.php?id=78793](https://bugs.php.net/bug.php?id=78793)
* [https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html](https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html)
* [https://security.netapp.com/advisory/ntap-20200103-0002/](https://security.netapp.com/advisory/ntap-20200103-0002/)
* [https://usn.ubuntu.com/4239-1/](https://usn.ubuntu.com/4239-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html](http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html)
* [https://seclists.org/bugtraq/2020/Feb/27](https://seclists.org/bugtraq/2020/Feb/27)
* [https://www.debian.org/security/2020/dsa-4626](https://www.debian.org/security/2020/dsa-4626)
* [https://seclists.org/bugtraq/2020/Feb/31](https://seclists.org/bugtraq/2020/Feb/31)
* [https://www.debian.org/security/2020/dsa-4628](https://www.debian.org/security/2020/dsa-4628)
* [https://seclists.org/bugtraq/2021/Jan/3](https://seclists.org/bugtraq/2021/Jan/3)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/)
medium  In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating a PHAR archive using the PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem had more restrictive permissions. This may result in files having more lax permissions than intended when such an archive is extracted.
* [https://bugs.php.net/bug.php?id=79082](https://bugs.php.net/bug.php?id=79082)
* [http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html](http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html)
* [https://security.gentoo.org/glsa/202003-57](https://security.gentoo.org/glsa/202003-57)
* [https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html](https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html)
* [https://usn.ubuntu.com/4330-1/](https://usn.ubuntu.com/4330-1/)
* [https://www.debian.org/security/2020/dsa-4717](https://www.debian.org/security/2020/dsa-4717)
* [https://www.debian.org/security/2020/dsa-4719](https://www.debian.org/security/2020/dsa-4719)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
medium  In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with the exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or a crash.
* [https://bugs.php.net/bug.php?id=79282](https://bugs.php.net/bug.php?id=79282)
* [https://security.netapp.com/advisory/ntap-20200403-0001/](https://security.netapp.com/advisory/ntap-20200403-0001/)
* [https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html](https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html)
* [https://usn.ubuntu.com/4330-1/](https://usn.ubuntu.com/4330-1/)
* [https://usn.ubuntu.com/4330-2/](https://usn.ubuntu.com/4330-2/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html](http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html)
* [https://www.debian.org/security/2020/dsa-4717](https://www.debian.org/security/2020/dsa-4717)
* [https://www.debian.org/security/2020/dsa-4719](https://www.debian.org/security/2020/dsa-4719)
* [https://www.oracle.com/security-alerts/cpujan2021.html](https://www.oracle.com/security-alerts/cpujan2021.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
medium  In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with a user-supplied URL, if the URL contains a zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() call and possibly send some information to the wrong server.
* [https://bugs.php.net/bug.php?id=79329](https://bugs.php.net/bug.php?id=79329)
* [https://security.netapp.com/advisory/ntap-20200403-0001/](https://security.netapp.com/advisory/ntap-20200403-0001/)
* [https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html](https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html)
* [https://usn.ubuntu.com/4330-2/](https://usn.ubuntu.com/4330-2/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html](http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html)
* [https://www.debian.org/security/2020/dsa-4717](https://www.debian.org/security/2020/dsa-4717)
* [https://www.debian.org/security/2020/dsa-4719](https://www.debian.org/security/2020/dsa-4719)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
medium  In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with the openssl_encrypt() function with a 12-byte IV, only the first 7 bytes of the IV are actually used. This can lead to both decreased security and incorrect encryption data.
* [https://bugs.php.net/bug.php?id=79601](https://bugs.php.net/bug.php?id=79601)
* [https://security.netapp.com/advisory/ntap-20201016-0001/](https://security.netapp.com/advisory/ntap-20201016-0001/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html](http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html)
* [https://usn.ubuntu.com/4583-1/](https://usn.ubuntu.com/4583-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html](http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html)
* [https://security.gentoo.org/glsa/202012-16](https://security.gentoo.org/glsa/202012-16)
* [https://www.debian.org/security/2021/dsa-4856](https://www.debian.org/security/2021/dsa-4856)
* [https://www.oracle.com/security-alerts/cpuApr2021.html](https://www.oracle.com/security-alerts/cpuApr2021.html)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://www.oracle.com/security-alerts/cpuoct2021.html](https://www.oracle.com/security-alerts/cpuoct2021.html)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/)
medium  In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host being confused with cookies that decode to such a prefix, thus allowing an attacker to forge a cookie which is supposed to be secure. See also CVE-2020-8184 for more information.
* [https://bugs.php.net/bug.php?id=79699](https://bugs.php.net/bug.php?id=79699)
* [http://cve.circl.lu/cve/CVE-2020-8184](http://cve.circl.lu/cve/CVE-2020-8184)
* [https://hackerone.com/reports/895727](https://hackerone.com/reports/895727)
* [https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html](https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html)
* [https://security.netapp.com/advisory/ntap-20201016-0001/](https://security.netapp.com/advisory/ntap-20201016-0001/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html](http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html)
* [https://usn.ubuntu.com/4583-1/](https://usn.ubuntu.com/4583-1/)
* [http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html](http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html)
* [https://security.gentoo.org/glsa/202012-16](https://security.gentoo.org/glsa/202012-16)
* [https://www.debian.org/security/2021/dsa-4856](https://www.debian.org/security/2021/dsa-4856)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)
* [https://www.oracle.com/security-alerts/cpuoct2021.html](https://www.oracle.com/security-alerts/cpuoct2021.html)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/)
medium  In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
* [https://bugs.php.net/bug.php?id=81726](https://bugs.php.net/bug.php?id=81726)
* [https://www.debian.org/security/2022/dsa-5277](https://www.debian.org/security/2022/dsa-5277)
* [https://security.gentoo.org/glsa/202211-03](https://security.gentoo.org/glsa/202211-03)
* [https://security.netapp.com/advisory/ntap-20221209-0001/](https://security.netapp.com/advisory/ntap-20221209-0001/)
* [https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html](https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/)
medium  In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
* [https://bugs.php.net/bug.php?id=81727](https://bugs.php.net/bug.php?id=81727)
* [https://www.debian.org/security/2022/dsa-5277](https://www.debian.org/security/2022/dsa-5277)
* [https://security.gentoo.org/glsa/202211-03](https://security.gentoo.org/glsa/202211-03)
* [https://security.netapp.com/advisory/ntap-20221209-0001/](https://security.netapp.com/advisory/ntap-20221209-0001/)
* [https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html](https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/)
* [https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/)
* [http://www.openwall.com/lists/oss-security/2024/04/12/11](http://www.openwall.com/lists/oss-security/2024/04/12/11)
medium  A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
* [https://bugzilla.redhat.com/show_bug.cgi?id=2179880](https://bugzilla.redhat.com/show_bug.cgi?id=2179880)
* [https://access.redhat.com/security/cve/CVE-2022-4900](https://access.redhat.com/security/cve/CVE-2022-4900)
* [https://security.netapp.com/advisory/ntap-20231130-0008/](https://security.netapp.com/advisory/ntap-20231130-0008/)
low  In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
* [https://bugs.php.net/bug.php?id=79797](https://bugs.php.net/bug.php?id=79797)
* [https://security.gentoo.org/glsa/202009-10](https://security.gentoo.org/glsa/202009-10)
* [https://security.netapp.com/advisory/ntap-20200918-0005/](https://security.netapp.com/advisory/ntap-20200918-0005/)
* [https://www.debian.org/security/2021/dsa-4856](https://www.debian.org/security/2021/dsa-4856)
* [https://www.tenable.com/security/tns-2021-14](https://www.tenable.com/security/tns-2021-14)


high  An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment.
* [https://blog.laravel.com/security-release-laravel-61834-7232](https://blog.laravel.com/security-release-laravel-61834-7232)
high  An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions.
* [https://blog.laravel.com/security-release-laravel-61835-7240](https://blog.laravel.com/security-release-laravel-61835-7240)
medium  Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected number of query bindings can be added to the query. In some situations, this will simply lead to no results being returned by the query builder; however, it is possible certain queries could be affected in a way that causes the query to return unexpected results.
* [https://packagist.org/packages/illuminate/database](https://packagist.org/packages/illuminate/database)
* [https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x](https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x)
* [https://github.com/laravel/framework/pull/35865](https://github.com/laravel/framework/pull/35865)
* [https://packagist.org/packages/laravel/framework](https://packagist.org/packages/laravel/framework)
* [https://blog.laravel.com/security-laravel-62011-7302-8221-released](https://blog.laravel.com/security-laravel-62011-7302-8221-released)

2 abandoned packages were found

| Abandoned package | Suggested replacement |
| --- | --- |
| swiftmailer/swiftmailer | symfony/mailer |
| fruitcake/laravel-cors | None |

Your version is PHP 7.2
Your version is Laravel 7