php7.0 vulnerabilities

Known vulnerabilities in the php7.0 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Release of Invalid Pointer or Reference	*
L Buffer Overflow	*
L CVE-2021-21707	*
H Out-of-bounds Write	<7.0.33-0+deb9u12
M Out-of-Bounds	<7.0.33-0+deb9u11
M Improper Input Validation	<7.0.33-0+deb9u11
H NULL Pointer Dereference	<7.0.33-0+deb9u11
M Improper Input Validation	<7.0.33-0+deb9u11
M Reliance on Cookies without Validation and Integrity Checking	<7.0.33-0+deb9u10
L Use After Free	<7.0.33-0+deb9u9
M Integer Overflow or Wraparound	<7.0.33-0+deb9u8
H Out-of-bounds Read	<7.0.33-0+deb9u8
M Out-of-bounds Read	<7.0.33-0+deb9u8
M CVE-2020-7066	<7.0.33-0+deb9u8
M Improper Preservation of Permissions	<7.0.33-0+deb9u8
H NULL Pointer Dereference	<7.0.33-0+deb9u8
C Out-of-bounds Read	<7.0.33-0+deb9u7
C Out-of-bounds Read	<7.0.33-0+deb9u7
M Out-of-bounds Read	<7.0.33-0+deb9u7
M Out-of-bounds Read	<7.0.33-0+deb9u7
M Arbitrary Code Injection	<7.0.33-0+deb9u7
M Out-of-bounds Read	<7.0.33-0+deb9u7
C Out-of-bounds Write	<7.0.33-0+deb9u6
H Out-of-bounds Write	<7.0.33-0+deb9u11
H Out-of-bounds Read	<7.0.33-0+deb9u5
H Out-of-bounds Read	<7.0.33-0+deb9u5
C Use After Free	<7.0.33-0+deb9u5
H Improper Input Validation	*
M Use of Uninitialized Resource	<7.0.33-0+deb9u5
C Out-of-bounds Read	<7.0.33-0+deb9u5
C Out-of-bounds Read	<7.0.33-0+deb9u5
C Out-of-bounds Read	<7.0.33-0+deb9u5
C Out-of-bounds Read	<7.0.33-0+deb9u5
C Out-of-bounds Read	<7.0.33-0+deb9u5
H Out-of-Bounds	<7.0.33-0+deb9u3
H Out-of-Bounds	<7.0.33-0+deb9u3
C Out-of-Bounds	<7.0.33-0+deb9u3
H Out-of-Bounds	<7.0.33-0+deb9u3
H Out-of-Bounds	<7.0.33-0+deb9u3
H Access Restriction Bypass	<7.0.33-0+deb9u3
H Out-of-bounds Read	<7.0.33-0+deb9u2
H Out-of-bounds Read	<7.0.33-0+deb9u2
C Out-of-bounds Read	<7.0.33-0+deb9u2
C Out-of-bounds Read	<7.0.33-0+deb9u2
C Out-of-bounds Read	<7.0.33-0+deb9u2
H Out-of-bounds Read	<7.0.33-0+deb9u1
L Out-of-bounds Write	*
H NULL Pointer Dereference	<7.0.33-0+deb9u1
H Arbitrary Argument Injection	<7.0.33-0+deb9u1
M Cross-site Scripting (XSS)	<7.0.33-0+deb9u1
H NULL Pointer Dereference	<7.0.27-1
H Out-of-bounds Read	<7.0.33-0+deb9u1
M Out-of-bounds Read	<7.0.33-0+deb9u1
L Out-of-bounds Read	*
L Integer Overflow or Wraparound	*
M Cross-site Scripting (XSS)	<7.0.30-0+deb9u1
M Information Exposure	<7.0.30-0+deb9u1
H NULL Pointer Dereference	<7.0.30-0+deb9u1
H Loop with Unreachable Exit Condition ('Infinite Loop')	<7.0.30-0+deb9u1
H Out-of-bounds Read	<7.0.30-0+deb9u1
C Out-of-Bounds	<7.0.30-0+deb9u1
L Resource Exhaustion	*
H Improper Input Validation	<7.0.3-1
M Cross-site Scripting (XSS)	<7.0.27-0+deb9u1
M Incorrect Conversion between Numeric Types	<7.0.27-0+deb9u1
H Out-of-bounds Read	<7.0.27-0+deb9u1
H Use After Free	<7.0.27-0+deb9u1
C Use After Free	<7.0.27-0+deb9u1
C Out-of-bounds Read	<7.0.27-0+deb9u1
L Information Exposure	<7.0.22-1
H Out-of-Bounds	<7.0.27-0+deb9u1
L Out-of-Bounds	<7.0.22-1
H Improper Input Validation	<7.0.13-1
H Resource Exhaustion	<7.0.17-1
H Information Exposure	<7.0.27-0+deb9u1
H Improper Check for Unusual or Exceptional Conditions	<7.0.27-0+deb9u1
C Out-of-bounds Read	<7.0.15-1
L Resource Exhaustion	*
L Improper Input Validation	*
H Out-of-bounds Write	<7.0.9-1
H Server-Side Request Forgery (SSRF)	*
L Integer Overflow or Wraparound	<7.0.15-1
L Improper Input Validation	<7.0.15-1
H Access Restriction Bypass	<7.0.14-1
H Numeric Errors	<7.0.15-1
C Out-of-Bounds	<7.0.15-1
H NULL Pointer Dereference	<7.0.15-1
H Out-of-bounds Read	<7.0.15-1
H Integer Overflow or Wraparound	<7.0.15-1
C Use After Free	<7.0.15-1
C Out-of-Bounds	<7.0.12-1
C Integer Overflow or Wraparound	<7.0.15-1
H CVE-2016-7478	<7.0.13-1
C Use After Free	<7.0.14-1
L Out-of-Bounds	<7.0.13-1
C Use After Free	<7.0.12-1
C Out-of-bounds Read	<7.0.14-1
C Use After Free	<7.0.12-1
H NULL Pointer Dereference	<7.0.13-1
L Integer Overflow or Wraparound	<7.0.12-1
H Out-of-Bounds	<7.0.11-1
H Out-of-Bounds	<7.0.11-1
C Out-of-Bounds	<7.0.11-1
C Improper Input Validation	<7.0.11-1
C Use After Free	<7.0.11-1
H Out-of-Bounds	<7.0.11-1
L Out-of-bounds Write	<7.0.10-1
M Information Exposure	<7.0.10-1
H Integer Overflow or Wraparound	<7.0.10-1
C Deserialization of Untrusted Data	<7.0.10-1
H NULL Pointer Dereference	<7.0.10-1
C Improper Input Validation	<7.0.10-1
H Arbitrary Code Injection	<7.0.10-1
L Out-of-bounds Write	<7.0.10-1
H NULL Pointer Dereference	<7.0.10-1
C Out-of-Bounds	<7.0.10-1
H NULL Pointer Dereference	<7.0.10-1
L Out-of-Bounds	<7.0.9-1
L Integer Overflow or Wraparound	<7.0.8-1
C Double Free	<7.0.6-1
C Double Free	<7.0.8-1
C Use After Free	<7.0.8-1
L Integer Overflow or Wraparound	<7.0.8-1
C Double Free	<7.0.8-1
C Integer Overflow or Wraparound	<7.0.8-1
H Out-of-bounds Read	<7.0.7-1
L Improper Input Validation	<7.0.9-1
C Integer Overflow or Wraparound	<7.0.8-1
C Integer Overflow or Wraparound	<7.0.6-1
L Out-of-bounds Read	<7.0.7-1
H Integer Overflow or Wraparound	<7.0.9-1
C Out-of-Bounds	<7.0.9-1
H Out-of-Bounds	<7.0.9-1
C Out-of-Bounds	<7.0.9-1
C Out-of-bounds Read	<7.0.9-1
C Use After Free	<7.0.9-1
C Use After Free	<7.0.9-1
M NULL Pointer Dereference	<7.0.9-1
H Improper Access Control	<7.0.9-1
H Out-of-Bounds	<7.0.3-1
C CVE-2015-8876	<7.0.0-1
C Numeric Errors	<7.0.4-1
C Improper Input Validation	<7.0.6-1
C Improper Input Validation	<7.0.6-1
C Numeric Errors	<7.0.4-1
C Out-of-Bounds	<7.0.6-1
C Numeric Errors	<7.0.4-1
C CVE-2016-4540	<7.0.6-1
C Out-of-Bounds	<7.0.6-1
C CVE-2016-4541	<7.0.6-1
C Out-of-Bounds	<7.0.6-1
C CVE-2015-8880	<7.0.1-1
C Out-of-Bounds	<7.0.6-1
H CVE-2016-4343	<7.0.3-1
L Resource Management Errors	<7.0.0-1
H Improper Input Validation	<7.0.0-1
H Cryptographic Issues	<7.0.0-1
C Out-of-Bounds	<7.0.5-1
C Improper Input Validation	<7.0.5-1
H Numeric Errors	<7.0.5-1
C Improper Input Validation	<7.0.5-1
H Out-of-Bounds	<7.0.5-1
C Out-of-Bounds	<7.0.3-1
H Improper Input Validation	<7.0.4-1
L Out-of-Bounds	<7.0.0-1
L Numeric Errors	<7.0.6-1
H Numeric Errors	<7.0.2-1
C Use of Externally-Controlled Format String	<7.0.1-1
H CVE-2015-8616	<7.0.1-1
C Out-of-Bounds	<7.0.2-1

Vulnerability

Vulnerable Version

Release of Invalid Pointer or Reference