In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Oracle:8
libzip-tools
to version 0:1.6.1-1.module+el8.3.0+7685+72d70b58 or higher.
This issue was patched in ELSA-2023-2903
.
Note: Versions mentioned in the description apply only to the upstream libzip-tools
package and not the libzip-tools
package as distributed by Oracle
.
See How to fix?
for Oracle:8
relevant fixed versions and status.
In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.