Количество 11
Количество 11
BDU:2019-04233
Уязвимость дочерних FPM-процессов интерпретатора языка программирования PHP, позволяющая нарушителю обойти проверку доступа opcache и получить несанкционированный доступ к защищаемой информации
CVE-2018-10545
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
CVE-2018-10545
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
CVE-2018-10545
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
CVE-2018-10545
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1 ...
GHSA-67m2-ch47-h5pm
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
openSUSE-SU-2018:1317-1
Security update for php5
openSUSE-SU-2018:1207-1
Security update for php7
SUSE-SU-2018:1294-1
Security update for php53
SUSE-SU-2018:1291-1
Security update for php5
SUSE-SU-2018:1176-1
Security update for php7
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2019-04233 Уязвимость дочерних FPM-процессов интерпретатора языка программирования PHP, позволяющая нарушителю обойти проверку доступа opcache и получить несанкционированный доступ к защищаемой информации | CVSS3: 4.7 | 0% Низкий | около 7 лет назад |
 | CVE-2018-10545 An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process. | CVSS3: 4.7 | 0% Низкий | около 7 лет назад |
 | CVE-2018-10545 An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process. | CVSS3: 3.1 | 0% Низкий | больше 7 лет назад |
 | CVE-2018-10545 An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process. | CVSS3: 4.7 | 0% Низкий | около 7 лет назад |
| CVE-2018-10545 An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1 ... | CVSS3: 4.7 | 0% Низкий | около 7 лет назад |
| GHSA-67m2-ch47-h5pm An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process. | CVSS3: 4.7 | 0% Низкий | около 3 лет назад |
 | openSUSE-SU-2018:1317-1 Security update for php5 | около 7 лет назад | ||
| openSUSE-SU-2018:1207-1 Security update for php7 | около 7 лет назад | ||
| SUSE-SU-2018:1294-1 Security update for php53 | около 7 лет назад | ||
| SUSE-SU-2018:1291-1 Security update for php5 | около 7 лет назад | ||
| SUSE-SU-2018:1176-1 Security update for php7 | около 7 лет назад |
Уязвимостей на страницу