Homepage

php:7.4/php vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the php:7.4/php package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
CVE-2024-9026

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-8927

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
HTTP Request Smuggling

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Insufficient Verification of Data Authenticity

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-3096

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-2756

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Out-of-Bounds

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
XML External Entity (XXE) Injection

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Use of Insufficiently Random Values

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Allocation of Resources Without Limits or Throttling

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Use of Password Hash With Insufficient Computational Effort

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
NULL Pointer Dereference

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Improper Input Validation

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Reliance on Cookies without Validation and Integrity Checking

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Inadequate Encryption Strength

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Use After Free

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Release of Invalid Pointer or Reference

<0:7.4.19-4.module_el8.6.0+3238+624bf8b8
  • M
Link Following

<0:7.4.30-1.module_el8.7.0+3286+227f3cf0
  • M
Use After Free

<0:7.4.30-1.module_el8.7.0+3286+227f3cf0
  • M
CVE-2021-21707

<0:7.4.30-1.module_el8.7.0+3286+227f3cf0
  • M
Directory Traversal

<0:7.4.19-4.module_el8.6.0+3238+624bf8b8
  • M
CVE-2020-28949

<0:7.4.19-4.module_el8.6.0+3238+624bf8b8
  • M
Deserialization of Untrusted Data

<0:7.4.19-4.module_el8.6.0+3238+624bf8b8
  • M
Improper Input Validation

<0:7.4.19-2.module_el8.6.0+2750+78feabcb
  • M
Out-of-bounds Write

<0:7.4.19-2.module_el8.6.0+2750+78feabcb
  • M
Integer Overflow or Wraparound

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
CVE-2022-31631

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
Out-of-bounds Read

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
CVE-2022-31629

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0