Search CVE reports
141 – 150 of 275 results
Some fixes available 2 of 3
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not in release |
| php7.1 | — | — | — | — | Not in release |
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
4 affected packages
libgd2, php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | — |
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |
ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. Exploitation of...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |
Some fixes available 1 of 2
ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not in release |
| php7.1 | — | — | — | — | Not in release |
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image...
4 affected packages
libgd2, php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | — |
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE:...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |
Some fixes available 4 of 5
In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not in release |
| php7.1 | — | — | — | — | Not in release |
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |
Some fixes available 1 of 2
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the...
3 affected packages
php5, php7.0, php7.1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php5 | — | — | — | — | — |
| php7.0 | — | — | — | — | — |
| php7.1 | — | — | — | — | — |