Search CVE reports
11 – 12 of 12 results
Some fixes available 6 of 7
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should...
6 affected packages
php7.4, php8.1, php8.2, php5, php7.0, php7.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| php7.4 | — | Not in release | Fixed | Not in release |
| php8.1 | — | Fixed | Not in release | Not in release |
| php8.2 | — | Not in release | Not in release | Ignored |
| php5 | — | Not in release | Not in release | Not in release |
| php7.0 | — | Not in release | Not in release | Not in release |
| php7.2 | — | Not in release | Not in release | Fixed |
Some fixes available 2 of 3
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
7 affected packages
php8.1, php7.2, php7.4, php5, php7.0...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| php8.1 | Not in release | Fixed | Not in release | Not in release |
| php7.2 | — | Not in release | Not in release | Not affected |
| php7.4 | — | Not in release | Fixed | Not in release |
| php5 | — | Not in release | Not in release | Not in release |
| php7.0 | — | Not in release | Not in release | Not in release |
| php8.2 | Not in release | Not in release | Not in release | Not in release |
| php8.3 | Not affected | Not in release | Not in release | Not in release |