rpm package
almalinux/libzip
pkg:rpm/almalinux/libzip
Vulnerabilities (88)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-7059 | Med | 6.5 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Feb 10, 2020 | When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or cr | |
| CVE-2019-11050 | Med | 4.8 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Dec 23, 2019 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to inf | |
| CVE-2019-11047 | Med | 4.8 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Dec 23, 2019 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to inf | |
| CVE-2019-11045 | Low | 3.7 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Dec 23, 2019 | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is all | |
| CVE-2019-19246 | Hig | 7.5 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Nov 25, 2019 | Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | |
| CVE-2019-19204 | Hig | 7.5 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Nov 21, 2019 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | |
| CVE-2019-19203 | Hig | 7.5 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Nov 21, 2019 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. | |
| CVE-2019-11043 | Hig | 8.7 | KEV | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Oct 28, 2019 | In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code exec |
| CVE-2019-16163 | Hig | 7.5 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Sep 9, 2019 | Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | |
| CVE-2019-11042 | Hig | 7.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Aug 9, 2019 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may | |
| CVE-2019-11041 | Hig | 7.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Aug 9, 2019 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may | |
| CVE-2019-13225 | Med | 6.5 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Jul 10, 2019 | A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. | |
| CVE-2019-13224 | Cri | 9.8 | < 1.5.2-1.module_el8.5.0+152+112d3b8c | 1.5.2-1.module_el8.5.0+152+112d3b8c | Jul 10, 2019 | A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string | |
| CVE-2019-11040 | Cri | 9.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Jun 19, 2019 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may | |
| CVE-2019-11039 | Cri | 9.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Jun 19, 2019 | Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash. | |
| CVE-2019-11036 | Cri | 9.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | May 3, 2019 | When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. | |
| CVE-2019-11035 | Cri | 9.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Apr 18, 2019 | When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash. | |
| CVE-2019-11034 | Cri | 9.1 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Apr 18, 2019 | When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. | |
| CVE-2019-9640 | Hig | 7.5 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Mar 9, 2019 | An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn. | |
| CVE-2019-9639 | Hig | 7.5 | < 1.5.1-2.module_el8.3.0+2010+7c76a223 | 1.5.1-2.module_el8.3.0+2010+7c76a223 | Mar 9, 2019 | An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable. |
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or cr
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to inf
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to inf
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is all
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code exec
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
- affected < 1.5.2-1.module_el8.5.0+152+112d3b8cfixed 1.5.2-1.module_el8.5.0+152+112d3b8c
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
- affected < 1.5.1-2.module_el8.3.0+2010+7c76a223fixed 1.5.1-2.module_el8.3.0+2010+7c76a223
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
Page 4 of 5