PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 883
RLSA-2019:3735
Critical: php:7.2 security update
openSUSE-SU-2019:2441-1
Security update for php7
SUSE-SU-2019:2819-1
Security update for php7
SUSE-SU-2019:2809-1
Security update for php7
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below ...
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
BDU:2020-00013
Уязвимость компонента sapi/fpm/fpm/fpm_main.c расширения PHP-FPM интерпретатора языка программирования PHP, позволяющая нарушителю выполнять произвольные команды
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
CVE-2019-19246
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | RLSA-2019:3735 Critical: php:7.2 security update | 94% Критический | больше 6 лет назад | |
 | openSUSE-SU-2019:2441-1 Security update for php7 | 94% Критический | больше 6 лет назад | |
| SUSE-SU-2019:2819-1 Security update for php7 | 94% Критический | больше 6 лет назад | |
| SUSE-SU-2019:2809-1 Security update for php7 | 94% Критический | больше 6 лет назад | |
 | CVE-2019-11043 In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. | CVSS3: 8.7 | 94% Критический | больше 6 лет назад |
| CVE-2019-11043 In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below ... | CVSS3: 8.7 | 94% Критический | больше 6 лет назад |
 | CVE-2019-11043 In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. | CVSS3: 8.7 | 94% Критический | больше 6 лет назад |
 | BDU:2020-00013 Уязвимость компонента sapi/fpm/fpm/fpm_main.c расширения PHP-FPM интерпретатора языка программирования PHP, позволяющая нарушителю выполнять произвольные команды | CVSS3: 8.7 | 94% Критический | больше 6 лет назад |
 | CVE-2019-11043 In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. | CVSS3: 8.1 | 94% Критический | больше 6 лет назад |
| CVE-2019-19246 Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу