Gentoo Linux Security Advisory 202209-20 - Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation. Versions less than 7.4.30:7.4 are affected.
32033fadca7b14049c6a84194d227cf9986263bb6581ad379d00c7d51c73328c
Red Hat Security Advisory 2022-1935-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include bypass, privilege escalation, and server-side request forgery vulnerabilities.
5ac37a20c66d6dd00fcf5f109c3261ba56a23ac26523e73dc2b13bec0d586020
Red Hat Security Advisory 2021-2992-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include bypass, null pointer, and server-side request forgery vulnerabilities.
61efe316633000333debfe5fbd7bdc9c83ba4440e4d3949dc6ec72103b6bf99f
Debian Linux Security Advisory 4935-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result an SSRF bypass of the FILTER_VALIDATE_URL check and denial of service or potentially the execution of arbitrary code in the Firebird PDO.
5c5de3d94e5c01e0c46189886df935c5f426216b9c105ee49d6ee312d4327a61
Ubuntu Security Notice 5006-2 - USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
eedca1a470ded97b0623427c6e5fdcf4bb966c9f811fd215e5d150d46f82e283
Ubuntu Security Notice 5006-1 - It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled parsing URLs with passwords. A remote attacker could possibly use this issue to cause PHP to mis-parse the URL and produce wrong data. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Various other issues were also addressed.
6792ac22a8083ba4b2e659f4b0c17f306cecbe13cf953446ec618208f89b51a6