Search CVE reports


Toggle filters

71 – 72 of 72 results


CVE-2017-8923

Low priority

Some fixes available 4 of 9

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash)...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.0, php8.1

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release Not in release Not in release Not in release Not in release
php7.0 Not in release Not in release Not in release Not in release Not in release
php7.2 Not in release Not in release Not in release Not in release Fixed
php7.4 Not in release Not in release Not in release Fixed Not in release
php8.0 Not in release Not in release Not in release Not in release Not in release
php8.1 Not in release Not in release Not affected Not in release Not in release
Show less packages

CVE-2016-9138

Low priority
Vulnerable

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.0, php8.1

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release Not in release Not in release Not in release Not in release
php7.0 Not in release Not in release Not in release Not in release Not in release
php7.2 Not in release Not in release Not in release Not in release Vulnerable
php7.4 Not in release Not in release Not in release Not affected Not in release
php8.0 Not in release Not in release Not in release Not in release Not in release
php8.1 Not in release Not in release Not affected Not in release Not in release
Show less packages