Количество 17
Количество 17
GHSA-7fj2-8x79-rjf4
BCrypt hashes erroneously validate if the salt is cut short by `$`
CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.
CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.
CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.
CVE-2023-0567
CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3 ...
BDU:2024-07326
Уязвимость функции верификации пароля языка программирования PHP, связанная с недостаточным вычислением хеша пароля, позволяющая нарушителю оказать воздействие на целостность данных
ROS-20241220-01
Уязвимость PHP
SUSE-SU-2023:0515-1
Security update for php74
SUSE-SU-2023:0514-1
Security update for php7
SUSE-SU-2023:0513-1
Security update for php7
SUSE-SU-2023:0476-1
Security update for php7
RLSA-2023:5926
Important: php security update
ELSA-2024-0387
ELSA-2024-0387: php:8.1 security update (MODERATE)
ELSA-2023-5927
ELSA-2023-5927: php:8.0 security update (IMPORTANT)
ELSA-2023-5926
ELSA-2023-5926: php security update (IMPORTANT)
ELSA-2024-10952
ELSA-2024-10952: php:7.4 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-7fj2-8x79-rjf4 BCrypt hashes erroneously validate if the salt is cut short by `$` | 0% Низкий | больше 2 лет назад | |
 | CVE-2023-0567 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. | CVSS3: 7.7 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-0567 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. | CVSS3: 5.3 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-0567 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. | CVSS3: 7.7 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 6.2 | 0% Низкий | больше 2 лет назад | |
| CVE-2023-0567 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3 ... | CVSS3: 7.7 | 0% Низкий | больше 2 лет назад |
 | BDU:2024-07326 Уязвимость функции верификации пароля языка программирования PHP, связанная с недостаточным вычислением хеша пароля, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 6.2 | 0% Низкий | больше 2 лет назад |
 | ROS-20241220-01 Уязвимость PHP | CVSS3: 6.2 | 0% Низкий | 6 месяцев назад |
 | SUSE-SU-2023:0515-1 Security update for php74 | больше 2 лет назад | ||
| SUSE-SU-2023:0514-1 Security update for php7 | больше 2 лет назад | ||
| SUSE-SU-2023:0513-1 Security update for php7 | больше 2 лет назад | ||
| SUSE-SU-2023:0476-1 Security update for php7 | больше 2 лет назад | ||
 | RLSA-2023:5926 Important: php security update | больше 1 года назад | ||
| ELSA-2024-0387 ELSA-2024-0387: php:8.1 security update (MODERATE) | больше 1 года назад | ||
| ELSA-2023-5927 ELSA-2023-5927: php:8.0 security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2023-5926 ELSA-2023-5926: php security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-10952 ELSA-2024-10952: php:7.4 security update (MODERATE) | 6 месяцев назад |
Уязвимостей на страницу