CVE search results

121 – 127 of 127 results

Detailed view

Sort by:

CVE-2018-10545

Medium priority

Fixed

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl...

4 affected packages

php7.0, php7.1, php5, php7.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php7.0	—	—	—	Not in release
php7.1	—	—	—	Not in release
php5	—	—	—	Not in release
php7.2	—	—	—	Fixed

CVE-2018-7584

Medium priority

Fixed

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function...

4 affected packages

php5, php7.0, php7.1, php7.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.1	—	—	—	Not in release
php7.2	—	—	—	Fixed

CVE-2015-9253

Low priority

Fixed

An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec,...

4 affected packages

php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	Not in release	Not in release	Not in release
php7.0	—	Not in release	Not in release	Not in release
php7.2	—	Not in release	Not in release	Fixed
php7.3	—	Not in release	Not in release	Not in release

CVE-2018-5712

Medium priority

Fixed

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

4 affected packages

php7.1, php5, php7.0, php7.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php7.1	—	—	—	Not in release
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Not affected

CVE-2017-9119

Low priority

Some fixes available 3 of 8

The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.0, php8.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	Not in release	Not in release	Not in release	Not in release
php7.0	Not in release	Not in release	Not in release	Not in release
php7.2	Not in release	Not in release	Not in release	Fixed
php7.4	Not in release	Not in release	Fixed	Not in release
php8.0	Not in release	Not in release	Not in release	Not in release
php8.1	Not in release	Not affected	Not in release	Not in release

CVE-2017-8923

Low priority

Some fixes available 4 of 9

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash)...

6 affected packages

php5, php7.2, php7.4, php8.0, php8.1, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	Not in release	Not in release	Not in release	Not in release
php7.2	Not in release	Not in release	Not in release	Fixed
php7.4	Not in release	Not in release	Fixed	Not in release
php8.0	Not in release	Not in release	Not in release	Not in release
php8.1	Not in release	Not affected	Not in release	Not in release
php7.0	Not in release	Not in release	Not in release	Not in release

CVE-2016-9138

Low priority

Vulnerable

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted...

6 affected packages

php7.4, php7.0, php7.2, php5, php8.1, php8.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php7.4	Not in release	Not in release	Not affected	Not in release
php7.0	Not in release	Not in release	Not in release	Not in release
php7.2	Not in release	Not in release	Not in release	Vulnerable
php5	Not in release	Not in release	Not in release	Not in release
php8.1	Not in release	Not affected	Not in release	Not in release
php8.0	Not in release	Not in release	Not in release	Not in release

Export to JSON

Results by page:

Search CVE reports