VYPR

rpm package

opensuse/php8&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed

Vulnerabilities (150)

  • CVE-2026-7263HigMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite

  • CVE-2026-6104CriMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb_convert_encoding() or related mbstring functions, the code incorrectly assumes that when strncasecmp() returns 0 it means the strings have the same le

  • CVE-2026-7568HigMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 byte

  • CVE-2026-7262HigMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element.  This leads to dereference

  • CVE-2026-7261CriMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in a

  • CVE-2026-7259MedMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to  a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is explo

  • CVE-2026-7258HigMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On the systems with default signed char and optimized table-lookup ctype functions

  • CVE-2026-6735MedMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code (XSS) on the target's machine when

  • CVE-2026-6722CriMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains

  • CVE-2025-14179CriMay 10, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via str

  • CVE-2026-44928LowMay 8, 2026
    affected < 8.5.7-1.1fixed 8.5.7-1.1

    In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal.

  • CVE-2026-44927LowMay 8, 2026
    affected < 8.5.7-1.1fixed 8.5.7-1.1

    In uriparser before 1.0.2, there is pointer difference truncation to int in various places.

  • CVE-2026-42371MedApr 27, 2026
    affected < 8.5.6-1.1fixed 8.5.6-1.1

    uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.

  • CVE-2025-14177Dec 27, 2025
    affected < 8.4.16-1.1fixed 8.4.16-1.1

    In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://fi

  • CVE-2025-14178Dec 27, 2025
    affected < 8.4.16-1.1fixed 8.4.16-1.1

    In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in

  • CVE-2025-14180Dec 27, 2025
    affected < 8.4.16-1.1fixed 8.4.16-1.1

    In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may

  • CVE-2025-67899LowDec 14, 2025
    affected < 8.5.5-1.1fixed 8.5.5-1.1

    uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

  • CVE-2025-1735MedJul 13, 2025
    affected < 8.4.10-1.1fixed 8.4.10-1.1

    In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

  • CVE-2025-1220LowJul 13, 2025
    affected < 8.4.10-1.1fixed 8.4.10-1.1

    In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in

  • CVE-2025-6491MedJul 13, 2025
    affected < 8.4.10-1.1fixed 8.4.10-1.1

    In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the

Page 1 of 8