VYPR

apk package

wolfi/php-8.2

pkg:apk/wolfi/php-8.2

Vulnerabilities (24)

  • CVE-2007-4889Sep 14, 2007
    affected < 0fixed 0

    The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.

  • CVE-2007-4596Aug 30, 2007
    affected < 0fixed 0

    The perl extension in PHP does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments.

  • CVE-2007-3205Jun 13, 2007
    affected < 0fixed 0

    The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a

  • CVE-2007-2728May 16, 2007
    affected < 0fixed 0

    The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue.

Page 2 of 2