PHP vulnerabilities
Discription

image
Releases Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages php7.4 – HTML-embedded scripting language interpreter php8.1 – HTML-embedded scripting language interpreter php8.3 – HTML-embedded scripting language interpreter Details It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data. (CVE-2024-8925) It was discovered that PHP incorrectly handled the cgi.force_redirect configuration option due to environment variable collisions. In certain configurations, an attacker could possibly use this issue bypass force_redirect restrictions. (CVE-2024-8927) It was discovered that PHP-FPM incorrectly handled logging. A remote attacker could possibly use this issue to alter and inject arbitrary contents into log files. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS….Read More

Back to Main

Subscribe for the latest news: