PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 867
BDU:2023-06657
Уязвимость функции phar_dir_read() интерпретатора PHP, позволяющая нарушителю выполнить произвольный код
GHSA-jqcx-ccgc-xwhv
Buffer overflow and overread in phar_dir_read()
GHSA-3qrf-m4j2-pcrr
Security issue with external entity loading in XML without enabling it
CVE-2023-3823
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.
CVE-2023-3824
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
SUSE-SU-2023:2980-1
Security update for php7
CVE-2023-3247
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.
CVE-2023-3247
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before ...
CVE-2023-3247
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.
SUSE-SU-2023:2848-1
Security update for php74
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | BDU:2023-06657 Уязвимость функции phar_dir_read() интерпретатора PHP, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 32% Средний | около 2 лет назад |
| GHSA-jqcx-ccgc-xwhv Buffer overflow and overread in phar_dir_read() | CVSS3: 9.4 | 32% Средний | больше 2 лет назад |
| GHSA-3qrf-m4j2-pcrr Security issue with external entity loading in XML without enabling it | CVSS3: 8.6 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-3823 In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
| CVE-2023-3824 In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. | CVSS3: 7 | 32% Средний | больше 2 лет назад |
 | SUSE-SU-2023:2980-1 Security update for php7 | 0% Низкий | больше 2 лет назад | |
 | CVE-2023-3247 In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. | CVSS3: 2.6 | 0% Низкий | больше 2 лет назад |
| CVE-2023-3247 In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before ... | CVSS3: 2.6 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-3247 In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. | CVSS3: 2.6 | 0% Низкий | больше 2 лет назад |
| SUSE-SU-2023:2848-1 Security update for php74 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу