PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 883
CVE-2014-2020
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which ...
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/ ...
CVE-2013-7327
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226.
CVE-2013-7327
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does ...
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5 ...
CVE-2013-7327
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226.
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2014-2020 ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which ... | CVSS2: 5 | 0% Низкий | почти 12 лет назад |
 | CVE-2013-7328 Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226. | CVSS2: 5.8 | 1% Низкий | почти 12 лет назад |
| CVE-2013-7328 Multiple integer signedness errors in the gdImageCrop function in ext/ ... | CVSS2: 5.8 | 1% Низкий | почти 12 лет назад |
| CVE-2013-7327 The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226. | CVSS2: 6.8 | 1% Низкий | почти 12 лет назад |
| CVE-2013-7327 The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does ... | CVSS2: 6.8 | 1% Низкий | почти 12 лет назад |
| CVE-2013-7226 Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow. | CVSS2: 6.8 | 10% Средний | почти 12 лет назад |
| CVE-2013-7226 Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5 ... | CVSS2: 6.8 | 10% Средний | почти 12 лет назад |
 | CVE-2013-7327 The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226. | CVSS2: 6.8 | 1% Низкий | почти 12 лет назад |
| CVE-2013-7226 Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow. | CVSS2: 6.8 | 10% Средний | почти 12 лет назад |
| CVE-2013-7328 Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226. | CVSS2: 5.8 | 1% Низкий | почти 12 лет назад |
Уязвимостей на страницу