Search CVE reports
51 – 53 of 53 results
CVE-2017-9119
Low prioritySome fixes available 3 of 8
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.0, php8.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| php5 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php7.0 | Not in release | Not in release | Not in release | Not in release | Fixed |
| php7.2 | Not in release | Not in release | Not in release | Fixed | Not in release |
| php7.4 | Not in release | Not in release | Fixed | Not in release | Not in release |
| php8.0 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php8.1 | Not in release | Not affected | Not in release | Not in release | Not in release |
CVE-2017-8923
Low prioritySome fixes available 4 of 9
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash)...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.0, php8.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| php5 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php7.0 | Not in release | Not in release | Not in release | Not in release | Fixed |
| php7.2 | Not in release | Not in release | Not in release | Fixed | Not in release |
| php7.4 | Not in release | Not in release | Fixed | Not in release | Not in release |
| php8.0 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php8.1 | Not in release | Not affected | Not in release | Not in release | Not in release |
CVE-2016-9138
Low priorityPHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.0, php8.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| php5 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php7.0 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| php7.2 | Not in release | Not in release | Not in release | Vulnerable | Not in release |
| php7.4 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| php8.0 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php8.1 | Not in release | Vulnerable | Not in release | Not in release | Not in release |