Bugs fixes in "php7.2"
Origin | Bug number | Title | Date fixed |
---|---|---|---|
CVE | CVE-2022-31628 | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini | 2022-11-08 |
CVE | CVE-2022-37454 | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute | 2022-11-08 |
CVE | CVE-2022-31629 | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the | 2022-11-08 |
CVE | CVE-2022-31628 | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini | 2022-11-08 |
CVE | CVE-2022-31625 | In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters t | 2022-07-07 |
Launchpad | 1980550 | Incomplete fix for CVE-2022-31625 | 2022-07-07 |
CVE | CVE-2022-31625 | In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters t | 2022-07-07 |
Launchpad | 1980550 | Incomplete fix for CVE-2022-31625 | 2022-07-07 |
CVE | CVE-2022-31625 | In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters t | 2022-07-07 |
Launchpad | 1980550 | Incomplete fix for CVE-2022-31625 | 2022-07-07 |
CVE | CVE-2022-31625 | In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters t | 2022-07-07 |
Launchpad | 1980550 | Incomplete fix for CVE-2022-31625 | 2022-07-07 |
CVE | CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode | 2022-03-03 |
CVE | CVE-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other | 2022-03-03 |
CVE | CVE-2017-9119 | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application | 2022-03-03 |
CVE | CVE-2017-9118 | PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 2022-03-03 |
CVE | CVE-2017-8923 | The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative lengt | 2022-03-03 |
CVE | CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode | 2022-03-03 |
CVE | CVE-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other | 2022-03-03 |
CVE | CVE-2017-9119 | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application | 2022-03-03 |
About
-
Send Feedback to @ubuntu_updates