VYPR

Suhosin

by Hardened PHP

Source repositories

CVEs (2)

  • CVE-2012-0807Jan 27, 2012
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader are enabled, might allow remote attackers to execute…

  • CVE-2007-3205Jun 13, 2007
    risk 0.00cvss epss 0.02

    The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is…