Ubuntu Security Update USN-7049-1: PHP vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,836
Reaction score
74
Credits
-1,257
It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data. (CVE-2024-8925) It was discovered that PHP incorrectly handled the cgi.force_redirect configuration option due to environment variable collisions. In certain configurations, an attacker could possibly use this issue bypass force_redirect restrictions. (CVE-2024-8927) It was discovered that PHP-FPM incorrectly handled logging. A remote attacker could possibly use this issue to alter and inject arbitrary contents into log files. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-9026)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8336-1: PHP vulnerabilities
Replies
0
Views
87
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7049-3: PHP vulnerabilities
Replies
0
Views
230
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7049-2: PHP vulnerabilities
Replies
0
Views
397
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7953-1: PHP vulnerabilities
Replies
0
Views
167
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8338-1: Apache HTTP Server vulnerabilities
Replies
0
Views
64
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 2,248 (members: 14, guests: 2,234)

Latest posts

Top