VYPR

rpm package

almalinux/php-json

pkg:rpm/almalinux/php-json

Vulnerabilities (84)

  • CVE-2019-9022HigFeb 22, 2019
    affected < 7.2.24-1.module_el8.4.0+2228+7c76a223fixed 7.2.24-1.module_el8.4.0+2228+7c76a223

    An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. Thi

  • CVE-2019-9021CriFeb 22, 2019
    affected < 7.2.24-1.module_el8.4.0+2228+7c76a223fixed 7.2.24-1.module_el8.4.0+2228+7c76a223

    An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when tryi

  • CVE-2019-9020CriFeb 22, 2019
    affected < 7.2.24-1.module_el8.4.0+2228+7c76a223fixed 7.2.24-1.module_el8.4.0+2228+7c76a223

    An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in

  • CVE-2018-20783HigFeb 21, 2019
    affected < 7.2.24-1.module_el8.4.0+2228+7c76a223fixed 7.2.24-1.module_el8.4.0+2228+7c76a223

    In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_

Page 5 of 5