php:7.4/php-common vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the php:7.4/php-common package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
CVE-2024-9026

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-8927

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-8925

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Insufficient Verification of Data Authenticity

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-3096

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
CVE-2024-2756

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Out-of-Bounds

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
XML External Entity (XXE) Injection

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Use of Insufficiently Random Values

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Allocation of Resources Without Limits or Throttling

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
Use of Password Hash With Insufficient Computational Effort

<0:7.4.33-2.module_el8.10.0+3935+28808425
  • M
NULL Pointer Dereference

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Improper Input Validation

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Reliance on Cookies without Validation and Integrity Checking

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Inadequate Encryption Strength

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Use After Free

<0:7.4.19-3.module_el8.6.0+2976+8b9a0d08
  • M
Release of Invalid Pointer or Reference

<0:7.4.19-4.module_el8.6.0+3238+624bf8b8
  • M
Link Following

<0:7.4.30-1.module_el8.7.0+3286+227f3cf0
  • M
Use After Free

<0:7.4.30-1.module_el8.7.0+3286+227f3cf0
  • M
CVE-2021-21707

<0:7.4.30-1.module_el8.7.0+3286+227f3cf0
  • M
Directory Traversal

<0:7.4.19-4.module_el8.6.0+3239+bedf0508
  • M
Arbitrary Code Injection

<0:7.4.19-4.module_el8.6.0+3239+bedf0508
  • M
Deserialization of Untrusted Data

<0:7.4.19-4.module_el8.6.0+3239+bedf0508
  • M
Improper Input Validation

<0:7.4.19-2.module_el8.6.0+2750+78feabcb
  • M
Out-of-bounds Write

<0:7.4.19-2.module_el8.6.0+2750+78feabcb
  • M
Integer Overflow or Wraparound

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
CVE-2022-31631

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
Out-of-bounds Read

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
CVE-2022-31629

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:7.4.33-1.module_el8.8.0+3477+f828cbb0