php vulnerabilities

Known vulnerabilities in the php package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Integer Overflow or Wraparound	*
L Server-Side Request Forgery (SSRF)	*
L Resource Exhaustion	*
L Link Following	*
L Insecure Temporary File	*
L Insecure Temporary File	*
L Access Restriction Bypass	*
M Information Exposure	*
M Stack-based Buffer Overflow	*
M Out-of-bounds Read	*
M Missing Initialization of a Variable	*
M CVE-2016-7478	*
M Unchecked Error Condition	*
M Improper Handling of Syntactically Invalid Structure	*
H Resource Management Errors	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	<0:5.1.6-3.el4s1.8
L Improper Input Validation	<0:5.1.6-3.el4s1.7
H Out-of-Bounds	<0:5.1.6-3.el4s1.7
M Integer Overflow or Wraparound	<0:5.1.6-3.el4s1.8
L CVE-2007-4670	<0:5.1.6-3.el4s1.8
L Information Exposure	<0:5.1.6-3.el4s1.10
M CVE-2007-5898	<0:5.1.6-3.el4s1.10
M CVE-2006-4484	<0:5.1.4-1.el4s1.4
L Insufficient Entropy	<0:5.1.6-3.el4s1.10
L Numeric Errors	<0:5.1.6-3.el4s1.10
M CVE-2008-2051	<0:5.1.6-3.el4s1.10
C Out-of-Bounds	<0:5.1.6-27.el5_6.7
C Out-of-Bounds	<0:5.1.6-23.6.el5_3
M Improper Input Validation	*
L NULL Pointer Dereference	*
M Use After Free	*
M Out-of-Bounds	*
M Improper Input Validation	*
M Numeric Errors	<0:5.1.4-1.el4s1.4
M Out-of-bounds Write	<0:5.1.4-1.el4s1.4
L CVE-2006-4485	<0:5.1.4-1.el4s1.4
L CVE-2006-4020	<0:5.1.4-1.el4s1.4
H CVE-2007-0910	<0:5.1.6-3.el4s1.5
M Out-of-Bounds	<0:5.1.6-3.el4s1.5
M Uncontrolled Recursion	<0:5.1.6-3.el4s1.6
L CVE-2007-0909	<0:5.1.6-3.el4s1.5
H Out-of-Bounds	<0:5.1.6-3.el4s1.5
L CVE-2007-0907	<0:5.1.6-3.el4s1.5
L CVE-2007-1718	<0:5.1.6-3.el4s1.6
M Improper Input Validation	<0:5.1.6-3.el4s1.5
L CVE-2007-1583	<0:5.1.6-3.el4s1.6
M Use After Free	*
M CVE-2015-6832	*
M Directory Traversal	*
M Off-by-one Error	*
M NULL Pointer Dereference	*
M Integer Overflow or Wraparound	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Use After Free	*
L Information Exposure	*
C Arbitrary Command Injection	*
C Arbitrary Command Injection	<0:5.1.6-23.3.el5_3
H Arbitrary Code Injection	<0:5.1.4-1.el4s1.4
M Numeric Errors	<0:5.1.6-3.el4s1.6
M Improper Input Validation	*
M Improper Input Validation	*
M Incorrect Check of Function Return Value	*
M Incorrect Calculation	*
L Improper Input Validation	*
L Out-of-bounds Read	*
C Stack-based Buffer Overflow	<0:4.3.9-3.38.el4
L Use After Free	*
L Use After Free	*
L Use After Free	*
L Use After Free	*
C Out-of-bounds Write	<0:5.1.6-23.4.el5_3
C Out-of-bounds Write	<0:4.3.9-3.37.el4
C Out-of-bounds Write	<0:4.3.2-56.ent
L Memory Leak	*
M Null Byte Interaction Error (Poison Null Byte)	*
M Access Restriction Bypass	*
M Use After Free	*
M Missing Initialization of a Variable	*
H CVE-2006-5465	<0:5.1.4-1.el4s1.5
H Deserialization of Untrusted Data	<0:5.1.6-3.el4s1.5
L Buffer Overflow	<0:5.1.6-3.el4s1.6
H CVE-2007-1825	<0:5.1.6-3.el4s1.5
L Arbitrary Code Injection	<0:5.1.6-3.el4s1.10
H CVE-2007-1380	<0:5.1.6-3.el4s1.5
M Out-of-Bounds	<0:5.1.6-3.el4s1.7
M Integer Overflow or Wraparound	<0:5.1.6-3.el4s1.8
L Improper Input Validation	<0:5.1.6-3.el4s1.8
L Improper Input Validation	<0:5.1.6-3.el4s1.8
L CVE-2007-4658	<0:5.1.6-3.el4s1.8
M Access Restriction Bypass	<0:5.1.6-3.el4s1.9
C Out-of-Bounds	*
C Out-of-Bounds	*
C Out-of-Bounds	<0:5.1.6-23.5.el5_3
C Out-of-Bounds	<0:4.3.9-3.37.el4.1
C Out-of-Bounds	<0:4.3.2-57.ent
M XML External Entity (XXE) Injection	*
M Out-of-Bounds	*

Vulnerability

Vulnerable Version

Integer Overflow or Wraparound