Security Audit v2.0.17

Langue
- English
- Français
Connexion / Inscription

prod

Ibexa OSS 4.6

52 vulnérabilités ont été trouvés

6 paquets abandonnés ont été trouvés

Dernière analyse : il y a 1 heure

Pas de résultat.

52 vulnérabilités ont été trouvés

#	Total	C	H	M	L
Composer	29	0	13	11	5	0
Php	23	2	10	5	2	4

Composer

6 ibexa/admin-ui —— v4.6.7 +

high XSS in fields used in the Content name pattern

Versions affectées : v4.0.0,v4.0.8|v4.1.0,v4.1.5|v4.2.0,v4.2.4|v4.3.0,v4.3.5|v4.4.0,v4.4.4|v4.5.0,v4.5.7|v4.6.0,v4.6.13
Versions patchées : v4.6.14
https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates

Signalée 28/11/2024

IBEXA-SA-2024-006

high XSS vulnerabilities in back office

Versions affectées : v4.6.0,v4.6.20
Versions patchées : v4.6.21
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office

Signalée 11/06/2025

IBEXA-SA-2025-003

medium Ibexa Admin UI XSS vulnerabilities in back office

Versions affectées : >=4.6.0-beta1,<4.6.21
Versions patchées : 4.6.21
https://github.com/advisories/GHSA-5r6x-g6jv-4v87

Signalée 13/06/2025

medium ibexa/admin-ui has an XSS vulnerability in Cancel/Reschedule future publication modal

Versions affectées : >=4.6.0,<4.6.25|>=5.0.0,<5.0.3
Versions patchées : 5.0.3 4.6.25
https://github.com/advisories/GHSA-2mx6-fq24-g2mh

Signalée 17/10/2025

medium Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget

Versions affectées : >=4.6.0-beta1,<4.6.9
Versions patchées : 4.6.9
https://github.com/advisories/GHSA-qm44-wjm2-pr59

Signalée 31/07/2024

CVE-2024-39318

medium Ibexa Admin UI vulnerable to Cross-site Scripting in a field that is used in the Content name pattern

Versions affectées : >=4.6.0,<4.6.14
Versions patchées : 4.6.14
https://github.com/advisories/GHSA-8w3p-gf85-qcch

Signalée 02/12/2024

CVE-2024-53864

6 ibexa/fieldtype-richtext —— v4.6.7 +

high XXE vulnerability in RichText

Versions affectées : v4.6.0,v4.6.18
Versions patchées : v4.6.19
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-002-xxe-vulnerability-in-richtext

Signalée 09/04/2025

IBEXA-SA-2025-002

high XSS vulnerabilities in back office

Versions affectées : v4.6.0,v4.6.20
Versions patchées : v4.6.21
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office

Signalée 11/06/2025

IBEXA-SA-2025-003

high Persistent Cross-site Scripting in Ibexa RichText Field Type

Versions affectées : >=4.6.0,<4.6.10
Versions patchées : 4.6.10
https://github.com/advisories/GHSA-hvcf-6324-cjh7

Signalée 14/08/2024

CVE-2024-43369

high ibexa/fieldtype-richtext allows access to external entities in XML

Versions affectées : >=4.6.0-beta1,<4.6.19
Versions patchées : 4.6.19
https://github.com/advisories/GHSA-cj3w-g42v-wcj6

Signalée 10/04/2025

medium Ibexa RichText Field Type XSS vulnerabilities in back office

Versions affectées : >=4.6.0-beta1,<4.6.21
Versions patchées : 4.6.21
https://github.com/advisories/GHSA-9qv6-4pwm-m68f

Signalée 13/06/2025

medium ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text

Versions affectées : >=4.6.0,<4.6.25|>=5.0.0,<5.0.3
Versions patchées : 5.0.3 4.6.25
https://github.com/advisories/GHSA-8c2g-f8jm-5cr7

Signalée 17/10/2025

3 twig/twig —— v3.10.3 +

high Twig has a possible sandbox bypass

Versions affectées : >=3.0.0,<3.14.0|>=2.0.0,<2.16.1|>=1.0.0,<1.44.8
Versions patchées : 1.44.8 2.16.1 3.14.0
https://github.com/advisories/GHSA-6j75-5wfj-gh66

Signalée 09/09/2024

CVE-2024-45411

low Unguarded calls to __isset() and to array-accesses when the sandbox is enabled

Versions affectées : >=1.0.0,<2.0.0|>=2.0.0,<3.0.0|>=3.0.0,<3.11.2|>=3.12.0,<3.14.1
Versions patchées : 3.11.2 3.14.1
https://symfony.com/blog/unguarded-calls-to-__isset-and-to-array-accesses-when-the-sandbox-is-enabled

Signalée 06/11/2024

CVE-2024-51755

low Unguarded calls to __toString() when nesting an object into an array

Signalée 06/11/2024

CVE-2024-51754

2 symfony/http-foundation —— v5.4.40 +

high CVE-2025-64500: Incorrect parsing of PATH_INFO can lead to limited authorization bypass

Versions affectées : >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.50|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.29|>=7.0.0,<7.1.0|>=7.1.0,<7.2.0|>=7.2.0,<7.3.0|>=7.3.0,<7.3.7
Versions patchées : 5.4.50 6.4.29 7.3.7 5.4.50 6.4.29 7.3.7
https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass

Signalée 12/11/2025

CVE-2025-64500

low CVE-2024-50345: Open redirect via browser-sanitized URLs

Versions affectées : >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Versions patchées : 5.4.46 6.4.14 7.1.7 5.4.46 6.4.14 7.1.7
https://symfony.com/cve-2024-50345

Signalée 05/11/2024

CVE-2024-50345

2 symfony/process —— v5.4.40 +

high CVE-2024-51736: Command execution hijack on Windows with Process class

Signalée 05/11/2024

CVE-2024-51736

medium Symfony's incorrect argument escaping under MSYS2/Git Bash can lead to destructive file operations on Windows

Versions affectées : >=8.0,<8.0.5|>=7.4,<7.4.5|>=7.3,<7.3.11|>=6.4,<6.4.33|<5.4.51
Versions patchées : 5.4.51 6.4.33 7.3.11 7.4.5 8.0.5 5.4.51 6.4.33 7.3.11 7.4.5 8.0.5
https://github.com/advisories/GHSA-r39x-jcww-82v6

Signalée 28/01/2026

CVE-2026-24739

1 symfony/runtime —— v5.4.40 +

medium CVE-2024-50340: Ability to change environment from query

Versions affectées : >=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Versions patchées : 5.4.46 6.4.14 7.1.7 5.4.46 6.4.14 7.1.7
https://symfony.com/cve-2024-50340

Signalée 05/11/2024

CVE-2024-50340

1 symfony/http-client —— v5.4.40 +

low CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient

Versions affectées : >=4.3.0,<4.4.0|>=4.4.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Versions patchées : 5.4.46 6.4.14 7.1.7 5.4.46 6.4.14 7.1.7
https://symfony.com/cve-2024-50342

Signalée 05/11/2024

CVE-2024-50342

1 symfony/validator —— v5.4.40 +

low CVE-2024-50343: Incorrect response from Validator when input ends with ` `

Versions affectées : >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.43|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.11|>=7.0.0,<7.1.0|>=7.1.0,<7.1.4
Versions patchées : 5.4.43 6.4.11 7.1.4 5.4.43 6.4.11 7.1.4
https://symfony.com/cve-2024-50343

Signalée 30/08/2024

CVE-2024-50343

1 symfony/security-http —— v5.4.40 +

high CVE-2024-51996: Authentication Bypass via persisted RememberMe cookie

Versions affectées : >=5.3.0,<5.4.0|>=5.4.0,<5.4.47|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.15|>=7.0.0,<7.1.0|>=7.1.0,<7.1.8
Versions patchées : 5.4.47 6.4.15 7.1.8
https://symfony.com/cve-2024-51996

Signalée 13/11/2024

CVE-2024-51996

2 ibexa/http-cache —— v4.6.7 +

high BREACH vulnerability in varnish VCL and vhost templates

Signalée 28/11/2024

IBEXA-SA-2024-006

medium ibexa/http-cache affected by Breach with Varnish VCL

Versions affectées : >=4.6.0,<4.6.14
Versions patchées : 4.6.14
https://github.com/advisories/GHSA-fh7v-q458-7vmw

Signalée 02/12/2024

2 ibexa/post-install —— v4.6.7 +

high BREACH vulnerability in varnish VCL and vhost templates

Signalée 28/11/2024

IBEXA-SA-2024-006

medium ibexa/post-install affected by Breach with Varnish VCL

Versions affectées : >=4.6.0,<4.6.14|>=1.0.0,<1.0.16
Versions patchées : 1.0.16 4.6.14
https://github.com/advisories/GHSA-4h8f-c635-25p7

Signalée 02/12/2024

2 ibexa/admin-ui-assets —— v4.6.7 +

high XSS vulnerabilities in back office

Versions affectées : v4.6.0,v4.6.20
Versions patchées : v4.6.21
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office

Signalée 11/06/2025

IBEXA-SA-2025-003

medium Ibexa Admin UI assets XSS vulnerabilities in back office

Versions affectées : >=4.6.0-alpha1,<4.6.21
Versions patchées : 4.6.21
https://github.com/advisories/GHSA-vhgq-r8gx-5fpv

Signalée 13/06/2025

Php

23 PHP —— 8.3.8 +

critical In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

* [https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv](https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv)

Signalée 24/11/2024

CVE-2024-11236

critical In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.

* [https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff](https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff)
* [https://security.netapp.com/advisory/ntap-20250523-0005/](https://security.netapp.com/advisory/ntap-20250523-0005/)

Signalée 30/03/2025

CVE-2025-1861

high In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

* [https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43](https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43)

Signalée 24/11/2024

CVE-2024-11233

high In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.

* [https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2](https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2)

Signalée 24/11/2024

CVE-2024-11234

high In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.

Versions affectées : 8.3.0|8.3.18,8.4.0|8.4.5
Versions patchées :
* [https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477](https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477)
* [https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477](https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477)

Signalée 04/04/2025

CVE-2024-11235

high In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3 may still be bypassed and the same command injection related to Windows "Best Fit" codepage behavior can be achieved. This may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

* [https://github.com/php/php-src/security/advisories/GHSA-p99j-rfp4-xqvq](https://github.com/php/php-src/security/advisories/GHSA-p99j-rfp4-xqvq)

Signalée 08/10/2024

CVE-2024-8926

high In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP.

* [https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp](https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp)

Signalée 08/10/2024

CVE-2024-8927

high In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.

* [https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7](https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7)

Signalée 27/12/2025

CVE-2025-14177

high In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.

* [https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2](https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2)

Signalée 27/12/2025

CVE-2025-14178

high In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.

* [https://github.com/php/php-src/security/advisories/GHSA-8xr5-qppj-gvwj](https://github.com/php/php-src/security/advisories/GHSA-8xr5-qppj-gvwj)

Signalée 27/12/2025

CVE-2025-14180

high In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

* [https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3](https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3)

Signalée 13/07/2025

CVE-2025-1735

high In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.

* [https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528](https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528)
* [https://security.netapp.com/advisory/ntap-20250523-0006/](https://security.netapp.com/advisory/ntap-20250523-0006/)

Signalée 30/03/2025

CVE-2025-1736

medium The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

* [http://osvdb.org/39834](http://osvdb.org/39834)
* [http://securityreason.com/securityalert/2800](http://securityreason.com/securityalert/2800)
* [http://www.acid-root.new.fr/advisories/14070612.txt](http://www.acid-root.new.fr/advisories/14070612.txt)
* [http://www.securityfocus.com/archive/1/471178/100/0/threaded](http://www.securityfocus.com/archive/1/471178/100/0/threaded)
* [http://www.securityfocus.com/archive/1/471204/100/0/threaded](http://www.securityfocus.com/archive/1/471204/100/0/threaded)
* [http://www.securityfocus.com/archive/1/471275/100/0/threaded](http://www.securityfocus.com/archive/1/471275/100/0/threaded)
* [https://exchange.xforce.ibmcloud.com/vulnerabilities/34836](https://exchange.xforce.ibmcloud.com/vulnerabilities/34836)

Signalée 13/06/2007

CVE-2007-3205

medium In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to control part of the submitted data being able to exclude portion of other data, potentially leading to erroneous application behavior.

* [https://github.com/php/php-src/security/advisories/GHSA-9pqp-7h25-4f32](https://github.com/php/php-src/security/advisories/GHSA-9pqp-7h25-4f32)

Signalée 08/10/2024

CVE-2024-8925

medium In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.

Versions affectées : 8.1.0|8.1.31,8.2.0|8.2.27,8.3.0|8.3.18,8.4.0|8.4.4
Versions patchées :
* [https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc](https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc)
* [https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc](https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc)

Signalée 30/03/2025

CVE-2025-1219

medium In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.

* [https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r](https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r)
* [https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r](https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r)

Signalée 13/07/2025

CVE-2025-1220

medium In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers.

* [https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44](https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44)
* [https://security.netapp.com/advisory/ntap-20250523-0009/](https://security.netapp.com/advisory/ntap-20250523-0009/)

Signalée 30/03/2025

CVE-2025-1734

low In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catch_workers_output = yes, it may be possible to pollute the final log or remove up to 4 characters from the log messages by manipulating log message content. Additionally, if PHP-FPM is configured to use syslog output, it may be possible to further remove log data using the same vulnerability.

* [https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5](https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5)

Signalée 08/10/2024

CVE-2024-9026

low In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.

Versions affectées : 8.1.0|8.1.31,8.2.0|8.2.27,8.3.0|8.3.18,8.4.0|8.4.4
Versions patchées :
* [https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g](https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g)
* [https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g](https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g)

Signalée 29/03/2025

CVE-2025-1217

unassigned A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

* [https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/](https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/)
* [https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/](https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/)
* [https://kb.cert.org/vuls/id/123335](https://kb.cert.org/vuls/id/123335)
* [https://kb.cert.org/vuls/id/123335](https://kb.cert.org/vuls/id/123335)
* [https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way](https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way)
* [https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way](https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way)
* [https://www.cve.org/CVERecord?id=CVE-2024-1874](https://www.cve.org/CVERecord?id=CVE-2024-1874)
* [https://www.cve.org/CVERecord?id=CVE-2024-1874](https://www.cve.org/CVERecord?id=CVE-2024-1874)
* [https://www.cve.org/CVERecord?id=CVE-2024-22423](https://www.cve.org/CVERecord?id=CVE-2024-22423)
* [https://www.cve.org/CVERecord?id=CVE-2024-22423](https://www.cve.org/CVERecord?id=CVE-2024-22423)
* [https://www.cve.org/CVERecord?id=CVE-2024-24576](https://www.cve.org/CVERecord?id=CVE-2024-24576)
* [https://www.cve.org/CVERecord?id=CVE-2024-24576](https://www.cve.org/CVERecord?id=CVE-2024-24576)
* [https://www.kb.cert.org/vuls/id/123335](https://www.kb.cert.org/vuls/id/123335)
* [https://www.kb.cert.org/vuls/id/123335](https://www.kb.cert.org/vuls/id/123335)

Signalée 10/04/2024

CVE-2024-3566

unassigned In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.

* [https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678](https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678)
* [https://security.netapp.com/advisory/ntap-20250110-0008/](https://security.netapp.com/advisory/ntap-20250110-0008/)

Signalée 22/11/2024

CVE-2024-8929

unassigned In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

* [https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff](https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff)
* [https://security.netapp.com/advisory/ntap-20250110-0009/](https://security.netapp.com/advisory/ntap-20250110-0009/)

Signalée 22/11/2024

CVE-2024-8932

unassigned In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.

* [https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x](https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x)
* [https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x](https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x)

Signalée 13/07/2025

CVE-2025-6491

6 paquets abandonnés ont été trouvés

Paquet abandonné	Remplacement suggéré
sensio/framework-extra-bundle	Symfony
php-http/message-factory	psr/http-factory
platformsh/symfonyflex-bridge	Aucun
swiftmailer/swiftmailer	symfony/mailer
symfony/swiftmailer-bundle	symfony/mailer
php-http/guzzle6-adapter	guzzlehttp/guzzle or php-http/guzzle7-adapter

Résumé Mise à jour possible

Votre version est Symfony 5.4

Votre version est Php 7.4

Votre version est Ibexa 4.6

Badge

[![Vulnerabilities](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=vulnerabilities)](https://audit.security.code-rhapsodie.fr/fr/project/018fdea7-1ba2-7bdf-abab-51452e155926)

[![Vulnerabilities](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=vulnerabilities&version=little)](https://audit.security.code-rhapsodie.fr/fr/project/018fdea7-1ba2-7bdf-abab-51452e155926)

[![Abandonned](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=abandonned)](https://audit.security.code-rhapsodie.fr/fr/project/018fdea7-1ba2-7bdf-abab-51452e155926)

[![Abandonned](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=abandonned&version=little)](https://audit.security.code-rhapsodie.fr/fr/project/018fdea7-1ba2-7bdf-abab-51452e155926)