Search CVE reports
11 – 12 of 12 results
CVE-2023-3823
Medium prioritySome fixes available 5 of 6
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| php5 | Not in release | Not in release | Not in release | Not in release | Not in release |
| php7.0 | Not in release | Not in release | Not in release | Not in release | Fixed |
| php7.2 | Not in release | Not in release | Not in release | Fixed | Not in release |
| php7.4 | Not in release | Not in release | Fixed | Not in release | Not in release |
| php8.1 | Not in release | Fixed | Not in release | Not in release | Not in release |
| php8.2 | Not in release | Not in release | Not in release | Ignored | Ignored |
CVE-2023-3247
Medium prioritySome fixes available 6 of 7
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| php5 | — | Not in release | Not in release | Not in release | Not in release |
| php7.0 | — | Not in release | Not in release | Not in release | Fixed |
| php7.2 | — | Not in release | Not in release | Fixed | Not in release |
| php7.4 | — | Not in release | Fixed | Not in release | Not in release |
| php8.1 | — | Fixed | Not in release | Not in release | Not in release |
| php8.2 | — | Not in release | Not in release | Ignored | Ignored |