PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 889
openSUSE-SU-2018:4030-1
Recommended update for php7
openSUSE-SU-2018:4038-1
Recommended update for php5
CVE-2018-19935
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
CVE-2018-19935
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote atta ...
CVE-2018-19935
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
BDU:2019-01249
Уязвимость функции imap_mail интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2018:3995-1
Recommended update for php5
CVE-2019-9021
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
SUSE-SU-2018:3988-1
Recommended update for php7
SUSE-SU-2018:3986-1
Recommended update for php53
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | openSUSE-SU-2018:4030-1 Recommended update for php7 | 94% Критический | больше 7 лет назад | |
| openSUSE-SU-2018:4038-1 Recommended update for php5 | 94% Критический | больше 7 лет назад | |
 | CVE-2018-19935 ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. | CVSS3: 7.5 | 24% Средний | больше 7 лет назад |
| CVE-2018-19935 ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote atta ... | CVSS3: 7.5 | 24% Средний | больше 7 лет назад |
 | CVE-2018-19935 ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. | CVSS3: 7.5 | 24% Средний | больше 7 лет назад |
 | BDU:2019-01249 Уязвимость функции imap_mail интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 24% Средний | больше 7 лет назад |
| SUSE-SU-2018:3995-1 Recommended update for php5 | 94% Критический | больше 7 лет назад | |
 | CVE-2019-9021 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c. | CVSS3: 5.3 | 25% Средний | больше 7 лет назад |
| SUSE-SU-2018:3988-1 Recommended update for php7 | 94% Критический | больше 7 лет назад | |
| SUSE-SU-2018:3986-1 Recommended update for php53 | 94% Критический | больше 7 лет назад |
Уязвимостей на страницу