CVE search results

81 – 90 of 659 results

Detailed view

Sort by:

CVE-2019-11041

Medium priority

Fixed

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will...

4 affected packages

php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Fixed
php7.3	—	—	—	Not in release

CVE-2017-7189

Low priority

Vulnerable

main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such as by interpreting fsockopen('127.0.0.1:80', 443) as if the address/port were 127.0.0.1:80:443, which is later truncated to 127.0.0.1:80. This...

7 affected packages

php5, php7.4, php8.0, php8.1, php7.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	Not in release	Not in release	Not in release	Not in release
php7.4	Not in release	Not in release	Vulnerable	Not in release
php8.0	Not in release	Not in release	Not in release	Not in release
php8.1	Not in release	Vulnerable	Not in release	Not in release
php7.0	Not in release	Not in release	Not in release	Not in release
php7.2	Not in release	Not in release	Not in release	Vulnerable
php7.3	Not in release	Not in release	Not in release	Not in release

CVE-2019-13224

Medium priority

Some fixes available 17 of 43

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression....

8 affected packages

libonig, groonga, libevhtp, mudlet, php5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libonig	Fixed	Fixed	Fixed	Fixed
groonga	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libevhtp	Not affected	Not affected	Not affected	Not affected
mudlet	Not in release	Not in release	Vulnerable	Vulnerable
php5	Not in release	Not in release	Not in release	Not in release
php7.0	Not in release	Not in release	Not in release	Not in release
php7.2	Not in release	Not in release	Not in release	Not affected
php7.3	Not in release	Not in release	Not in release	Not in release

CVE-2018-15879

Medium priority

Fixed

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All...

5 affected packages

libgd2, php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	Fixed
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Not affected
php7.3	—	—	—	Not in release

CVE-2018-15878

Medium priority

Fixed

5 affected packages

libgd2, php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	Fixed
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Not affected
php7.3	—	—	—	Not in release

CVE-2019-11038

Low priority

Some fixes available 3 of 5

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply...

5 affected packages

libgd2, php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	Not affected	Fixed
php5	—	—	Not in release	Not in release
php7.0	—	—	Not in release	Not in release
php7.2	—	—	Not in release	Not affected
php7.3	—	—	Not in release	Not in release

CVE-2019-11040

Medium priority

Fixed

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will...

4 affected packages

php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Fixed
php7.3	—	—	—	Not in release

CVE-2019-11039

Medium priority

Fixed

Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to...

4 affected packages

php7.0, php7.2, php5, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php7.0	—	—	—	Not in release
php7.2	—	—	—	Fixed
php5	—	—	—	Not in release
php7.3	—	—	—	Not in release

CVE-2019-11036

Low priority

Fixed

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information...

4 affected packages

php5, php7.0, php7.2, php7.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Fixed
php7.3	—	—	—	Not in release

CVE-2019-11035

Medium priority

Fixed

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information...

3 affected packages

php5, php7.0, php7.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release
php7.2	—	—	—	Fixed

Export to JSON

Results by page:

Search CVE reports