{ "document": { "aggregate_severity": { "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "* SECURITY UPDATE: soap extension use-after-free via apache:Map duplicate keys\n - debian/patches/php-5.2-CVE-2026-6722.patch: backport upstream commit\n aee3b3ac9b in ext/soap/php_encoding.c — adapt addref/dtor changes\n to pre-PHP7 zval** SOAP API.\n - Note: the 5.2 backport applies the addref half of the upstream fix only;\n the matching ref_map destructor change (NULL -> ZVAL_PTR_DTOR) is\n intentionally omitted because in 5.x ref_map is heterogeneous (stores\n both xmlNodePtr and zval* entries through the same API) and a\n ZVAL_PTR_DTOR would corrupt the xmlNodePtr entries. The addref alone\n closes the UAF; cost is one bounded zval leak per request, released\n with the emalloc pool at RSHUTDOWN.\n - CVE-2026-6722\n * SECURITY UPDATE: soap extension NULL pointer dereference via apache:Map\n item missing element\n - debian/patches/php-5.2-CVE-2026-7262.patch: backport upstream commit\n 79551ab8b1 in ext/soap/php_encoding.c — fix typo'd null check in\n to_zval_map() (was checking xmlKey, should check xmlValue).\n - CVE-2026-7262\n * SECURITY UPDATE: soap extension use-after-free after header parsing\n failure with SOAP_PERSISTENCE_SESSION\n - debian/patches/php-5.2-CVE-2026-7261.patch: backport upstream commit\n db2a7f9348 in ext/soap/soap.c — wrap both zval_ptr_dtor(&soap_obj)\n sites in the header-handler failure paths with a\n persistance!=SOAP_PERSISTENCE_SESSION guard.\n - CVE-2026-7261", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_alt_php/debian13/advisories/2026/clsa-2026_1779439736.json" } ], "tracking": { "current_release_date": "2026-06-23T11:38:06Z", "generator": { "date": "2026-06-23T11:38:05Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1779439736", "initial_release_date": "2026-05-22T08:51:10Z", "revision_history": [ { "date": "2026-05-22T08:51:10Z", "number": "1", "summary": "Initial version" }, { "date": "2026-06-19T15:08:17Z", "number": "2", "summary": "Update document" }, { "date": "2026-06-23T11:38:06Z", "number": "3", "summary": "Update document" } ], "status": "final", "version": "3" }, "title": "Fix CVE(s): CVE-2026-6722, CVE-2026-7261, CVE-2026-7262" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian 13", "product": { "name": "Debian 13", "product_id": "Debian-13", "product_identification_helper": { "cpe": "cpe:2.3:o:debian:debian_linux:13:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Debian" } ], "category": "vendor", "name": "Software in the Public Interest, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "alt-php52-sybase-0:5.2.17-221.amd64", "product": { "name": "alt-php52-sybase-0:5.2.17-221.amd64", "product_id": "alt-php52-sybase-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-sybase@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-recode-0:5.2.17-221.amd64", "product": { "name": "alt-php52-recode-0:5.2.17-221.amd64", "product_id": "alt-php52-recode-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-recode@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-sqlite-0:5.2.17-221.amd64", "product": { "name": "alt-php52-sqlite-0:5.2.17-221.amd64", "product_id": "alt-php52-sqlite-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-sqlite@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pspell-0:5.2.17-221.amd64", "product": { "name": "alt-php52-pspell-0:5.2.17-221.amd64", "product_id": "alt-php52-pspell-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pspell@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-enchant-0:5.2.17-221.amd64", "product": { "name": "alt-php52-enchant-0:5.2.17-221.amd64", "product_id": "alt-php52-enchant-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-enchant@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-tidy-0:5.2.17-221.amd64", "product": { "name": "alt-php52-tidy-0:5.2.17-221.amd64", "product_id": "alt-php52-tidy-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-tidy@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-0:5.2.17-221.amd64", "product": { "name": "alt-php52-0:5.2.17-221.amd64", "product_id": "alt-php52-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-soap-0:5.2.17-221.amd64", "product": { "name": "alt-php52-soap-0:5.2.17-221.amd64", "product_id": "alt-php52-soap-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-soap@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pgsql-0:5.2.17-221.amd64", "product": { "name": "alt-php52-pgsql-0:5.2.17-221.amd64", "product_id": "alt-php52-pgsql-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pgsql@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-snmp-0:5.2.17-221.amd64", "product": { "name": "alt-php52-snmp-0:5.2.17-221.amd64", "product_id": "alt-php52-snmp-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-snmp@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-imap-0:5.2.17-221.amd64", "product": { "name": "alt-php52-imap-0:5.2.17-221.amd64", "product_id": "alt-php52-imap-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-imap@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-ldap-0:5.2.17-221.amd64", "product": { "name": "alt-php52-ldap-0:5.2.17-221.amd64", "product_id": "alt-php52-ldap-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-ldap@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-common-0:5.2.17-221.amd64", "product": { "name": "alt-php52-common-0:5.2.17-221.amd64", "product_id": "alt-php52-common-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-common@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-gd-0:5.2.17-221.amd64", "product": { "name": "alt-php52-gd-0:5.2.17-221.amd64", "product_id": "alt-php52-gd-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-gd@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-cli-0:5.2.17-221.amd64", "product": { "name": "alt-php52-cli-0:5.2.17-221.amd64", "product_id": "alt-php52-cli-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-cli@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-process-0:5.2.17-221.amd64", "product": { "name": "alt-php52-process-0:5.2.17-221.amd64", "product_id": "alt-php52-process-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-process@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dev-0:5.2.17-221.amd64", "product": { "name": "alt-php52-dev-0:5.2.17-221.amd64", "product_id": "alt-php52-dev-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dev@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mcrypt-0:5.2.17-221.amd64", "product": { "name": "alt-php52-mcrypt-0:5.2.17-221.amd64", "product_id": "alt-php52-mcrypt-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mcrypt@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-intl-0:5.2.17-221.amd64", "product": { "name": "alt-php52-intl-0:5.2.17-221.amd64", "product_id": "alt-php52-intl-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-intl@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mysqlnd-0:5.2.17-221.amd64", "product": { "name": "alt-php52-mysqlnd-0:5.2.17-221.amd64", "product_id": "alt-php52-mysqlnd-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mysqlnd@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dba-0:5.2.17-221.amd64", "product": { "name": "alt-php52-dba-0:5.2.17-221.amd64", "product_id": "alt-php52-dba-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dba@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-xml-0:5.2.17-221.amd64", "product": { "name": "alt-php52-xml-0:5.2.17-221.amd64", "product_id": "alt-php52-xml-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-xml@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-odbc-0:5.2.17-221.amd64", "product": { "name": "alt-php52-odbc-0:5.2.17-221.amd64", "product_id": "alt-php52-odbc-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-odbc@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-bcmath-0:5.2.17-221.amd64", "product": { "name": "alt-php52-bcmath-0:5.2.17-221.amd64", "product_id": "alt-php52-bcmath-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-bcmath@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pdo-0:5.2.17-221.amd64", "product": { "name": "alt-php52-pdo-0:5.2.17-221.amd64", "product_id": "alt-php52-pdo-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pdo@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dbx-0:5.2.17-221.amd64", "product": { "name": "alt-php52-dbx-0:5.2.17-221.amd64", "product_id": "alt-php52-dbx-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dbx@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-xmlrpc-0:5.2.17-221.amd64", "product": { "name": "alt-php52-xmlrpc-0:5.2.17-221.amd64", "product_id": "alt-php52-xmlrpc-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-xmlrpc@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-firebird-0:5.2.17-221.amd64", "product": { "name": "alt-php52-firebird-0:5.2.17-221.amd64", "product_id": "alt-php52-firebird-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-firebird@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mbstring-0:5.2.17-221.amd64", "product": { "name": "alt-php52-mbstring-0:5.2.17-221.amd64", "product_id": "alt-php52-mbstring-0:5.2.17-221.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mbstring@5.2.17-221?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-tidy-0:5.2.17-218.amd64", "product": { "name": "alt-php52-tidy-0:5.2.17-218.amd64", "product_id": "alt-php52-tidy-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-tidy@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mcrypt-0:5.2.17-218.amd64", "product": { "name": "alt-php52-mcrypt-0:5.2.17-218.amd64", "product_id": "alt-php52-mcrypt-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mcrypt@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-imap-0:5.2.17-218.amd64", "product": { "name": "alt-php52-imap-0:5.2.17-218.amd64", "product_id": "alt-php52-imap-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-imap@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-cli-0:5.2.17-218.amd64", "product": { "name": "alt-php52-cli-0:5.2.17-218.amd64", "product_id": "alt-php52-cli-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-cli@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dba-0:5.2.17-218.amd64", "product": { "name": "alt-php52-dba-0:5.2.17-218.amd64", "product_id": "alt-php52-dba-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dba@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-recode-0:5.2.17-218.amd64", "product": { "name": "alt-php52-recode-0:5.2.17-218.amd64", "product_id": "alt-php52-recode-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-recode@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mysqlnd-0:5.2.17-218.amd64", "product": { "name": "alt-php52-mysqlnd-0:5.2.17-218.amd64", "product_id": "alt-php52-mysqlnd-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mysqlnd@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mbstring-0:5.2.17-218.amd64", "product": { "name": "alt-php52-mbstring-0:5.2.17-218.amd64", "product_id": "alt-php52-mbstring-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mbstring@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-common-0:5.2.17-218.amd64", "product": { "name": "alt-php52-common-0:5.2.17-218.amd64", "product_id": "alt-php52-common-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-common@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pgsql-0:5.2.17-218.amd64", "product": { "name": "alt-php52-pgsql-0:5.2.17-218.amd64", "product_id": "alt-php52-pgsql-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pgsql@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dbx-0:5.2.17-218.amd64", "product": { "name": "alt-php52-dbx-0:5.2.17-218.amd64", "product_id": "alt-php52-dbx-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dbx@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-xml-0:5.2.17-218.amd64", "product": { "name": "alt-php52-xml-0:5.2.17-218.amd64", "product_id": "alt-php52-xml-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-xml@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-firebird-0:5.2.17-218.amd64", "product": { "name": "alt-php52-firebird-0:5.2.17-218.amd64", "product_id": "alt-php52-firebird-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-firebird@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pspell-0:5.2.17-218.amd64", "product": { "name": "alt-php52-pspell-0:5.2.17-218.amd64", "product_id": "alt-php52-pspell-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pspell@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-process-0:5.2.17-218.amd64", "product": { "name": "alt-php52-process-0:5.2.17-218.amd64", "product_id": "alt-php52-process-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-process@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-ldap-0:5.2.17-218.amd64", "product": { "name": "alt-php52-ldap-0:5.2.17-218.amd64", "product_id": "alt-php52-ldap-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-ldap@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-odbc-0:5.2.17-218.amd64", "product": { "name": "alt-php52-odbc-0:5.2.17-218.amd64", "product_id": "alt-php52-odbc-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-odbc@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-soap-0:5.2.17-218.amd64", "product": { "name": "alt-php52-soap-0:5.2.17-218.amd64", "product_id": "alt-php52-soap-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-soap@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-gd-0:5.2.17-218.amd64", "product": { "name": "alt-php52-gd-0:5.2.17-218.amd64", "product_id": "alt-php52-gd-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-gd@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pdo-0:5.2.17-218.amd64", "product": { "name": "alt-php52-pdo-0:5.2.17-218.amd64", "product_id": "alt-php52-pdo-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pdo@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dev-0:5.2.17-218.amd64", "product": { "name": "alt-php52-dev-0:5.2.17-218.amd64", "product_id": "alt-php52-dev-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dev@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-0:5.2.17-218.amd64", "product": { "name": "alt-php52-0:5.2.17-218.amd64", "product_id": "alt-php52-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-enchant-0:5.2.17-218.amd64", "product": { "name": "alt-php52-enchant-0:5.2.17-218.amd64", "product_id": "alt-php52-enchant-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-enchant@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-bcmath-0:5.2.17-218.amd64", "product": { "name": "alt-php52-bcmath-0:5.2.17-218.amd64", "product_id": "alt-php52-bcmath-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-bcmath@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-xmlrpc-0:5.2.17-218.amd64", "product": { "name": "alt-php52-xmlrpc-0:5.2.17-218.amd64", "product_id": "alt-php52-xmlrpc-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-xmlrpc@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-intl-0:5.2.17-218.amd64", "product": { "name": "alt-php52-intl-0:5.2.17-218.amd64", "product_id": "alt-php52-intl-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-intl@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-snmp-0:5.2.17-218.amd64", "product": { "name": "alt-php52-snmp-0:5.2.17-218.amd64", "product_id": "alt-php52-snmp-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-snmp@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-sqlite-0:5.2.17-218.amd64", "product": { "name": "alt-php52-sqlite-0:5.2.17-218.amd64", "product_id": "alt-php52-sqlite-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-sqlite@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-sybase-0:5.2.17-218.amd64", "product": { "name": "alt-php52-sybase-0:5.2.17-218.amd64", "product_id": "alt-php52-sybase-0:5.2.17-218.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-sybase@5.2.17-218?arch=amd64&os_name=debian&os_version=13" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "alt-php52-sybase-0:5.2.17-221.arm64", "product": { "name": "alt-php52-sybase-0:5.2.17-221.arm64", "product_id": "alt-php52-sybase-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-sybase@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-recode-0:5.2.17-221.arm64", "product": { "name": "alt-php52-recode-0:5.2.17-221.arm64", "product_id": "alt-php52-recode-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-recode@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-sqlite-0:5.2.17-221.arm64", "product": { "name": "alt-php52-sqlite-0:5.2.17-221.arm64", "product_id": "alt-php52-sqlite-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-sqlite@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pspell-0:5.2.17-221.arm64", "product": { "name": "alt-php52-pspell-0:5.2.17-221.arm64", "product_id": "alt-php52-pspell-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pspell@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-enchant-0:5.2.17-221.arm64", "product": { "name": "alt-php52-enchant-0:5.2.17-221.arm64", "product_id": "alt-php52-enchant-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-enchant@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-tidy-0:5.2.17-221.arm64", "product": { "name": "alt-php52-tidy-0:5.2.17-221.arm64", "product_id": "alt-php52-tidy-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-tidy@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-0:5.2.17-221.arm64", "product": { "name": "alt-php52-0:5.2.17-221.arm64", "product_id": "alt-php52-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-soap-0:5.2.17-221.arm64", "product": { "name": "alt-php52-soap-0:5.2.17-221.arm64", "product_id": "alt-php52-soap-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-soap@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pgsql-0:5.2.17-221.arm64", "product": { "name": "alt-php52-pgsql-0:5.2.17-221.arm64", "product_id": "alt-php52-pgsql-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pgsql@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-snmp-0:5.2.17-221.arm64", "product": { "name": "alt-php52-snmp-0:5.2.17-221.arm64", "product_id": "alt-php52-snmp-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-snmp@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-imap-0:5.2.17-221.arm64", "product": { "name": "alt-php52-imap-0:5.2.17-221.arm64", "product_id": "alt-php52-imap-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-imap@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-ldap-0:5.2.17-221.arm64", "product": { "name": "alt-php52-ldap-0:5.2.17-221.arm64", "product_id": "alt-php52-ldap-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-ldap@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-common-0:5.2.17-221.arm64", "product": { "name": "alt-php52-common-0:5.2.17-221.arm64", "product_id": "alt-php52-common-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-common@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-gd-0:5.2.17-221.arm64", "product": { "name": "alt-php52-gd-0:5.2.17-221.arm64", "product_id": "alt-php52-gd-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-gd@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-cli-0:5.2.17-221.arm64", "product": { "name": "alt-php52-cli-0:5.2.17-221.arm64", "product_id": "alt-php52-cli-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-cli@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-process-0:5.2.17-221.arm64", "product": { "name": "alt-php52-process-0:5.2.17-221.arm64", "product_id": "alt-php52-process-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-process@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dev-0:5.2.17-221.arm64", "product": { "name": "alt-php52-dev-0:5.2.17-221.arm64", "product_id": "alt-php52-dev-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dev@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mcrypt-0:5.2.17-221.arm64", "product": { "name": "alt-php52-mcrypt-0:5.2.17-221.arm64", "product_id": "alt-php52-mcrypt-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mcrypt@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-intl-0:5.2.17-221.arm64", "product": { "name": "alt-php52-intl-0:5.2.17-221.arm64", "product_id": "alt-php52-intl-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-intl@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mysqlnd-0:5.2.17-221.arm64", "product": { "name": "alt-php52-mysqlnd-0:5.2.17-221.arm64", "product_id": "alt-php52-mysqlnd-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mysqlnd@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dba-0:5.2.17-221.arm64", "product": { "name": "alt-php52-dba-0:5.2.17-221.arm64", "product_id": "alt-php52-dba-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dba@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-xml-0:5.2.17-221.arm64", "product": { "name": "alt-php52-xml-0:5.2.17-221.arm64", "product_id": "alt-php52-xml-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-xml@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-odbc-0:5.2.17-221.arm64", "product": { "name": "alt-php52-odbc-0:5.2.17-221.arm64", "product_id": "alt-php52-odbc-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-odbc@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-bcmath-0:5.2.17-221.arm64", "product": { "name": "alt-php52-bcmath-0:5.2.17-221.arm64", "product_id": "alt-php52-bcmath-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-bcmath@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-pdo-0:5.2.17-221.arm64", "product": { "name": "alt-php52-pdo-0:5.2.17-221.arm64", "product_id": "alt-php52-pdo-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-pdo@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-dbx-0:5.2.17-221.arm64", "product": { "name": "alt-php52-dbx-0:5.2.17-221.arm64", "product_id": "alt-php52-dbx-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-dbx@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-xmlrpc-0:5.2.17-221.arm64", "product": { "name": "alt-php52-xmlrpc-0:5.2.17-221.arm64", "product_id": "alt-php52-xmlrpc-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-xmlrpc@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-firebird-0:5.2.17-221.arm64", "product": { "name": "alt-php52-firebird-0:5.2.17-221.arm64", "product_id": "alt-php52-firebird-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-firebird@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } }, { "category": "product_version", "name": "alt-php52-mbstring-0:5.2.17-221.arm64", "product": { "name": "alt-php52-mbstring-0:5.2.17-221.arm64", "product_id": "alt-php52-mbstring-0:5.2.17-221.arm64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-php52-mbstring@5.2.17-221?arch=arm64&os_name=debian&os_version=13" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "alt-php52-sybase-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-sybase-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-sybase-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-sybase-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-recode-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-recode-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-recode-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-recode-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-recode-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-recode-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-sqlite-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-sqlite-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-sqlite-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-sqlite-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pspell-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-pspell-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pspell-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-pspell-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-enchant-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-enchant-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-enchant-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-enchant-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-tidy-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-tidy-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-tidy-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-tidy-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-soap-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-soap-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-soap-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-soap-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-soap-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-soap-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pgsql-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-pgsql-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pgsql-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-pgsql-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-snmp-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-snmp-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-snmp-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-snmp-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-imap-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-imap-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-imap-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-imap-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-imap-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-imap-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-ldap-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-ldap-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-ldap-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-ldap-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-common-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-common-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-common-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-common-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-common-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-common-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-gd-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-gd-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-gd-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-gd-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-gd-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-gd-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-cli-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-cli-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-cli-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-cli-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-cli-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-cli-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-process-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-process-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-process-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-process-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-process-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-process-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dev-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dev-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-dev-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dev-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dev-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-dev-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mcrypt-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-mcrypt-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mcrypt-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-mcrypt-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-intl-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-intl-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-intl-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-intl-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-intl-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-intl-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mysqlnd-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-mysqlnd-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mysqlnd-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-mysqlnd-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dba-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dba-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-dba-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dba-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dba-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-dba-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-xml-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-xml-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-xml-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-xml-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-xml-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-xml-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-odbc-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-odbc-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-odbc-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-odbc-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-bcmath-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-bcmath-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-bcmath-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-bcmath-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pdo-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-pdo-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pdo-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-pdo-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dbx-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-dbx-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dbx-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-dbx-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-xmlrpc-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-xmlrpc-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-xmlrpc-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-xmlrpc-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-firebird-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-firebird-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-firebird-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-firebird-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mbstring-0:5.2.17-221.arm64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64" }, "product_reference": "alt-php52-mbstring-0:5.2.17-221.arm64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mbstring-0:5.2.17-221.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64" }, "product_reference": "alt-php52-mbstring-0:5.2.17-221.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-tidy-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-tidy-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mcrypt-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-mcrypt-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-imap-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-imap-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-imap-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-cli-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-cli-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-cli-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dba-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dba-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-dba-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-recode-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-recode-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-recode-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mysqlnd-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-mysqlnd-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-mbstring-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-mbstring-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-common-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-common-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-common-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pgsql-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-pgsql-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dbx-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-dbx-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-xml-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-xml-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-xml-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-firebird-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-firebird-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pspell-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-pspell-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-process-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-process-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-process-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-ldap-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-ldap-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-odbc-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-odbc-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-soap-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-soap-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-soap-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-gd-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-gd-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-gd-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-pdo-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-pdo-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-dev-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-dev-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-dev-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-enchant-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-enchant-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-bcmath-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-bcmath-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-xmlrpc-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-xmlrpc-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-intl-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-intl-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-intl-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-snmp-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-snmp-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-sqlite-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-sqlite-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" }, { "category": "default_component_of", "full_product_name": { "name": "alt-php52-sybase-0:5.2.17-218.amd64 as a component of Debian 13", "product_id": "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64" }, "product_reference": "alt-php52-sybase-0:5.2.17-218.amd64", "relates_to_product_reference": "Debian-13" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-6420", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2013-6420" }, { "category": "external", "summary": "http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21", "url": "http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=c1224573c773b6845e83505f717fbf820fc18415", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=c1224573c773b6845e83505f717fbf820fc18415" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html", "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html", "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2013-1813.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1813.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2013-1815.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1815.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2013-1824.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1824.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2013-1825.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1825.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2013-1826.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1826.html" }, { "category": "external", "summary": "http://secunia.com/advisories/59652", "url": "http://secunia.com/advisories/59652" }, { "category": "external", "summary": "http://support.apple.com/kb/HT6150", "url": "http://support.apple.com/kb/HT6150" }, { "category": "external", "summary": "http://www.debian.org/security/2013/dsa-2816", "url": "http://www.debian.org/security/2013/dsa-2816" }, { "category": "external", "summary": "http://www.php.net/ChangeLog-5.php", "url": "http://www.php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/64225", "url": "http://www.securityfocus.com/bid/64225" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1029472", "url": "http://www.securitytracker.com/id/1029472" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2055-1", "url": "http://www.ubuntu.com/usn/USN-2055-1" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1036830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036830" }, { "category": "external", "summary": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322", "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322" }, { "category": "external", "summary": "https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html", "url": "https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html" } ], "release_date": "2013-12-17T04:46:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2013-12-17T04:46:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-3330", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "description", "text": "The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a \"deconfigured interpreter.\"", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-3330" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2015/04/17/7", "url": "http://openwall.com/lists/oss-security/2015/04/17/7" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/74204", "url": "http://www.securityfocus.com/bid/74204" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1033703", "url": "http://www.securitytracker.com/id/1033703" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2572-1", "url": "http://www.ubuntu.com/usn/USN-2572-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68486", "url": "https://bugs.php.net/bug.php?id=68486" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69218", "url": "https://bugs.php.net/bug.php?id=69218" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/HT205267", "url": "https://support.apple.com/HT205267" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2016-5766", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2016-5766" }, { "category": "external", "summary": "http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1", "url": "http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html", "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://php.net/ChangeLog-7.php", "url": "http://php.net/ChangeLog-7.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2016-2598.html", "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "category": "external", "summary": "http://www.debian.org/security/2016/dsa-3619", "url": "http://www.debian.org/security/2016/dsa-3619" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2016/06/23/4", "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-3030-1", "url": "http://www.ubuntu.com/usn/USN-3030-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=72339", "url": "https://bugs.php.net/bug.php?id=72339" }, { "category": "external", "summary": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "category": "external", "summary": "https://libgd.github.io/release-2.2.3.html", "url": "https://libgd.github.io/release-2.2.3.html" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201612-09", "url": "https://security.gentoo.org/glsa/201612-09" } ], "release_date": "2016-08-07T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-08-07T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-2787", "notes": [ { "category": "description", "text": "Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-2787" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1053.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/73431", "url": "http://www.securityfocus.com/bid/73431" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032485", "url": "http://www.securitytracker.com/id/1032485" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2572-1", "url": "http://www.ubuntu.com/usn/USN-2572-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68976", "url": "https://bugs.php.net/bug.php?id=68976" }, { "category": "external", "summary": "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", "url": "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/HT205267", "url": "https://support.apple.com/HT205267" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-03-30T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-03-30T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-2301", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-2301" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b2cf3f064b8f5efef89bb084521b61318c71781b", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b2cf3f064b8f5efef89bb084521b61318c71781b" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=143403519711434&w=2", "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2015/03/15/6", "url": "http://openwall.com/lists/oss-security/2015/03/15/6" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1053.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3198", "url": "http://www.debian.org/security/2015/dsa-3198" }, { "category": "external", "summary": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/73037", "url": "http://www.securityfocus.com/bid/73037" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1031949", "url": "http://www.securitytracker.com/id/1031949" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2535-1", "url": "http://www.ubuntu.com/usn/USN-2535-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68901", "url": "https://bugs.php.net/bug.php?id=68901" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194747" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/HT205267", "url": "https://support.apple.com/HT205267" } ], "release_date": "2015-03-30T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-03-30T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2026-7262", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element.  This leads to dereferences a NULL pointer, causing a segmentation fault. This allows a remote unauthenticated attacker to crash the PHP SOAP server process, resulting in denial of service.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2026-7262" }, { "category": "external", "summary": "https://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv", "url": "https://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv" } ], "release_date": "2026-05-10T05:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2026-05-10T05:16:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-4643", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4643" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2015/06/18/6", "url": "http://openwall.com/lists/oss-security/2015/06/18/6" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3344", "url": "http://www.debian.org/security/2015/dsa-3344" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/75291", "url": "http://www.securityfocus.com/bid/75291" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032709", "url": "http://www.securitytracker.com/id/1032709" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69545", "url": "https://bugs.php.net/bug.php?id=69545" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" } ], "release_date": "2016-05-16T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-05-16T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2012-2688", "notes": [ { "category": "description", "text": "Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an \"overflow.\"", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2012-2688" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00022.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00022.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2013-1307.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html" }, { "category": "external", "summary": "http://secunia.com/advisories/55078", "url": "http://secunia.com/advisories/55078" }, { "category": "external", "summary": "http://support.apple.com/kb/HT5501", "url": "http://support.apple.com/kb/HT5501" }, { "category": "external", "summary": "http://www.debian.org/security/2012/dsa-2527", "url": "http://www.debian.org/security/2012/dsa-2527" }, { "category": "external", "summary": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:108" }, { "category": "external", "summary": "http://www.php.net/ChangeLog-5.php", "url": "http://www.php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/54638", "url": "http://www.securityfocus.com/bid/54638" }, { "category": "external", "summary": "http://www.securitytracker.com/id?1027287", "url": "http://www.securitytracker.com/id?1027287" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-1569-1", "url": "http://www.ubuntu.com/usn/USN-1569-1" }, { "category": "external", "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77155", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77155" }, { "category": "external", "summary": "https://hermes.opensuse.org/messages/15376003", "url": "https://hermes.opensuse.org/messages/15376003" } ], "release_date": "2012-07-20T10:40:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2012-07-20T10:40:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-4603", "notes": [ { "category": "description", "text": "The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4603" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/75252", "url": "http://www.securityfocus.com/bid/75252" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032709", "url": "http://www.securitytracker.com/id/1032709" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69152", "url": "https://bugs.php.net/bug.php?id=69152" } ], "release_date": "2016-05-16T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-05-16T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2014-3669", "notes": [ { "category": "description", "text": "Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2014-3669" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=56754a7f9eba0e4f559b6ca081d9f2a447b3f159", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=56754a7f9eba0e4f559b6ca081d9f2a447b3f159" }, { "category": "external", "summary": "http://linux.oracle.com/errata/ELSA-2014-1767.html", "url": "http://linux.oracle.com/errata/ELSA-2014-1767.html" }, { "category": "external", "summary": "http://linux.oracle.com/errata/ELSA-2014-1768.html", "url": "http://linux.oracle.com/errata/ELSA-2014-1768.html" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1767.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1767.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1768.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1768.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1824.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1824.html" }, { "category": "external", "summary": "http://secunia.com/advisories/59967", "url": "http://secunia.com/advisories/59967" }, { "category": "external", "summary": "http://secunia.com/advisories/60630", "url": "http://secunia.com/advisories/60630" }, { "category": "external", "summary": "http://secunia.com/advisories/60699", "url": "http://secunia.com/advisories/60699" }, { "category": "external", "summary": "http://secunia.com/advisories/61763", "url": "http://secunia.com/advisories/61763" }, { "category": "external", "summary": "http://secunia.com/advisories/61970", "url": "http://secunia.com/advisories/61970" }, { "category": "external", "summary": "http://secunia.com/advisories/61982", "url": "http://secunia.com/advisories/61982" }, { "category": "external", "summary": "http://www.debian.org/security/2014/dsa-3064", "url": "http://www.debian.org/security/2014/dsa-3064" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/70611", "url": "http://www.securityfocus.com/bid/70611" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2391-1", "url": "http://www.ubuntu.com/usn/USN-2391-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68044", "url": "https://bugs.php.net/bug.php?id=68044" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1154500", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154500" }, { "category": "external", "summary": "https://support.apple.com/HT204659", "url": "https://support.apple.com/HT204659" } ], "release_date": "2014-10-29T10:55:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2014-10-29T10:55:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2014-9425", "notes": [ { "category": "description", "text": "Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2014-9425" }, { "category": "external", "summary": "http://advisories.mageia.org/MGASA-2015-0040.html", "url": "http://advisories.mageia.org/MGASA-2015-0040.html" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=24125f0f26f3787c006e4a51611ba33ee3b841cb", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=24125f0f26f3787c006e4a51611ba33ee3b841cb" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2bcf69d073190e4f032d883f3416dea1b027a39e", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2bcf69d073190e4f032d883f3416dea1b027a39e" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fbf3a6bc1abcc8a5b5226b0ad9464c37f11ddbd6", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fbf3a6bc1abcc8a5b5226b0ad9464c37f11ddbd6" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2014/12/29/6", "url": "http://openwall.com/lists/oss-security/2014/12/29/6" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/71800", "url": "http://www.securityfocus.com/bid/71800" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68676", "url": "https://bugs.php.net/bug.php?id=68676" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201503-03", "url": "https://security.gentoo.org/glsa/201503-03" }, { "category": "external", "summary": "https://support.apple.com/HT205267", "url": "https://support.apple.com/HT205267" } ], "release_date": "2014-12-31T02:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2014-12-31T02:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2014-9705", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2014-9705" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2015/03/15/6", "url": "http://openwall.com/lists/oss-security/2015/03/15/6" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1053.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803", "url": "http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3195", "url": "http://www.debian.org/security/2015/dsa-3195" }, { "category": "external", "summary": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/73031", "url": "http://www.securityfocus.com/bid/73031" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1031948", "url": "http://www.securitytracker.com/id/1031948" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2535-1", "url": "http://www.ubuntu.com/usn/USN-2535-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68552", "url": "https://bugs.php.net/bug.php?id=68552" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/HT205267", "url": "https://support.apple.com/HT205267" }, { "category": "external", "summary": "https://www.htbridge.com/advisory/HTB23252", "url": "https://www.htbridge.com/advisory/HTB23252" } ], "release_date": "2015-03-30T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-03-30T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2012-0830", "notes": [ { "category": "description", "text": "The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2012-0830" }, { "category": "external", "summary": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html" }, { "category": "external", "summary": "http://marc.info/?l=bugtraq&m=134012830914727&w=2", "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2012/02/02/12", "url": "http://openwall.com/lists/oss-security/2012/02/02/12" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2012/02/03/1", "url": "http://openwall.com/lists/oss-security/2012/02/03/1" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2012-0092.html", "url": "http://rhn.redhat.com/errata/RHSA-2012-0092.html" }, { "category": "external", "summary": "http://secunia.com/advisories/47801", "url": "http://secunia.com/advisories/47801" }, { "category": "external", "summary": "http://secunia.com/advisories/47806", "url": "http://secunia.com/advisories/47806" }, { "category": "external", "summary": "http://secunia.com/advisories/47813", "url": "http://secunia.com/advisories/47813" }, { "category": "external", "summary": "http://secunia.com/advisories/48668", "url": "http://secunia.com/advisories/48668" }, { "category": "external", "summary": "http://securitytracker.com/id?1026631", "url": "http://securitytracker.com/id?1026631" }, { "category": "external", "summary": "http://support.apple.com/kb/HT5281", "url": "http://support.apple.com/kb/HT5281" }, { "category": "external", "summary": "http://svn.php.net/viewvc?view=revision&revision=323007", "url": "http://svn.php.net/viewvc?view=revision&revision=323007" }, { "category": "external", "summary": "http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/", "url": "http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/" }, { "category": "external", "summary": "http://www.debian.org/security/2012/dsa-2403", "url": "http://www.debian.org/security/2012/dsa-2403" }, { "category": "external", "summary": "http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html", "url": "http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html" }, { "category": "external", "summary": "http://www.osvdb.org/78819", "url": "http://www.osvdb.org/78819" }, { "category": "external", "summary": "http://www.php.net/ChangeLog-5.php#5.3.10", "url": "http://www.php.net/ChangeLog-5.php#5.3.10" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/51830", "url": "http://www.securityfocus.com/bid/51830" }, { "category": "external", "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72911", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72911" }, { "category": "external", "summary": "https://gist.github.com/1725489", "url": "https://gist.github.com/1725489" } ], "release_date": "2012-02-06T20:55:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2012-02-06T20:55:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2026-7261", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistance is handled incorrectly, resulting in freeing the object while keeping a pointer to it, which may lead to use-after-free. This may lead to memory corruption, information disclosure, or process crashes, with confidentiality, integrity, and availability impact on the vulnerable system.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2026-7261" }, { "category": "external", "summary": "https://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q", "url": "https://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q" } ], "release_date": "2026-05-10T05:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2026-05-10T05:16:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-4602", "notes": [ { "category": "description", "text": "The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4602" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/75249", "url": "http://www.securityfocus.com/bid/75249" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032709", "url": "http://www.securitytracker.com/id/1032709" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69152", "url": "https://bugs.php.net/bug.php?id=69152" } ], "release_date": "2016-05-16T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-05-16T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-3307", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-3307" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/74703", "url": "http://www.securityfocus.com/bid/74703" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69443", "url": "https://bugs.php.net/bug.php?id=69443" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223441" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-4022", "notes": [ { "category": "description", "text": "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4022" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1219.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3280", "url": "http://www.debian.org/security/2015/dsa-3280" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/74902", "url": "http://www.securityfocus.com/bid/74902" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032433", "url": "http://www.securitytracker.com/id/1032433" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69545", "url": "https://bugs.php.net/bug.php?id=69545" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2026-6722", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys, processing the second entry overwrites the first in the temporary result map, freeing the original PHP object while its stale pointer remains in the map. A subsequent href reference to the freed node can copy the dangling pointer into the result. As PHP string allocations can reclaim the freed memory region, an attacker with control over the SOAP request body can exploit this use-after-free to achieve remote code execution.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2026-6722" }, { "category": "external", "summary": "https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5", "url": "https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5" } ], "release_date": "2026-05-10T05:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2026-05-10T05:16:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2014-3670", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2014-3670" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ddb207e7fa2e9adeba021a1303c3781efda5409b", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ddb207e7fa2e9adeba021a1303c3781efda5409b" }, { "category": "external", "summary": "http://linux.oracle.com/errata/ELSA-2014-1767.html", "url": "http://linux.oracle.com/errata/ELSA-2014-1767.html" }, { "category": "external", "summary": "http://linux.oracle.com/errata/ELSA-2014-1768.html", "url": "http://linux.oracle.com/errata/ELSA-2014-1768.html" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1767.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1767.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1768.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1768.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2014-1824.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-1824.html" }, { "category": "external", "summary": "http://secunia.com/advisories/59967", "url": "http://secunia.com/advisories/59967" }, { "category": "external", "summary": "http://secunia.com/advisories/60630", "url": "http://secunia.com/advisories/60630" }, { "category": "external", "summary": "http://secunia.com/advisories/60699", "url": "http://secunia.com/advisories/60699" }, { "category": "external", "summary": "http://secunia.com/advisories/61763", "url": "http://secunia.com/advisories/61763" }, { "category": "external", "summary": "http://secunia.com/advisories/61970", "url": "http://secunia.com/advisories/61970" }, { "category": "external", "summary": "http://secunia.com/advisories/61982", "url": "http://secunia.com/advisories/61982" }, { "category": "external", "summary": "http://www.debian.org/security/2014/dsa-3064", "url": "http://www.debian.org/security/2014/dsa-3064" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/70665", "url": "http://www.securityfocus.com/bid/70665" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2391-1", "url": "http://www.ubuntu.com/usn/USN-2391-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68113", "url": "https://bugs.php.net/bug.php?id=68113" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1154502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154502" }, { "category": "external", "summary": "https://support.apple.com/HT204659", "url": "https://support.apple.com/HT204659" } ], "release_date": "2014-10-29T10:55:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2014-10-29T10:55:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2015-4025", "notes": [ { "category": "description", "text": "PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4025" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1219.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3280", "url": "http://www.debian.org/security/2015/dsa-3280" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/74904", "url": "http://www.securityfocus.com/bid/74904" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032431", "url": "http://www.securitytracker.com/id/1032431" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69418", "url": "https://bugs.php.net/bug.php?id=69418" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-4600", "notes": [ { "category": "description", "text": "The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4600" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/74413", "url": "http://www.securityfocus.com/bid/74413" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032709", "url": "http://www.securitytracker.com/id/1032709" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69152", "url": "https://bugs.php.net/bug.php?id=69152" } ], "release_date": "2016-05-16T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-05-16T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-4599", "notes": [ { "category": "description", "text": "The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4599" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/75251", "url": "http://www.securityfocus.com/bid/75251" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032709", "url": "http://www.securitytracker.com/id/1032709" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69152", "url": "https://bugs.php.net/bug.php?id=69152" } ], "release_date": "2016-05-16T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-05-16T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-4601", "notes": [ { "category": "description", "text": "PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4601" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2015/06/16/12", "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/75246", "url": "http://www.securityfocus.com/bid/75246" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032709", "url": "http://www.securitytracker.com/id/1032709" } ], "release_date": "2016-05-16T10:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2016-05-16T10:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-4026", "notes": [ { "category": "description", "text": "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4026" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" }, { "category": "external", "summary": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1219.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3280", "url": "http://www.debian.org/security/2015/dsa-3280" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/75056", "url": "http://www.securityfocus.com/bid/75056" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032431", "url": "http://www.securitytracker.com/id/1032431" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=68598", "url": "https://bugs.php.net/bug.php?id=68598" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2012-1823", "notes": [ { "category": "description", "text": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.\n", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2012-1823" } ], "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2015-3329", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-3329" }, { "category": "external", "summary": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1186.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1187.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.debian.org/security/2015/dsa-3280", "url": "http://www.debian.org/security/2015/dsa-3280" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/74240", "url": "http://www.securityfocus.com/bid/74240" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032145", "url": "http://www.securitytracker.com/id/1032145" }, { "category": "external", "summary": "http://www.ubuntu.com/usn/USN-2572-1", "url": "http://www.ubuntu.com/usn/USN-2572-1" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69441", "url": "https://bugs.php.net/bug.php?id=69441" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/HT205267", "url": "https://support.apple.com/HT205267" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2015-4147", "notes": [ { "category": "description", "text": "The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a \"type confusion\" issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "known_affected": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-alt-php/cve/CVE-2015-4147" }, { "category": "external", "summary": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "category": "external", "summary": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" }, { "category": "external", "summary": "http://openwall.com/lists/oss-security/2015/06/01/4", "url": "http://openwall.com/lists/oss-security/2015/06/01/4" }, { "category": "external", "summary": "http://php.net/ChangeLog-5.php", "url": "http://php.net/ChangeLog-5.php" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1053.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1135.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" }, { "category": "external", "summary": "http://rhn.redhat.com/errata/RHSA-2015-1218.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/73357", "url": "http://www.securityfocus.com/bid/73357" }, { "category": "external", "summary": "http://www.securitytracker.com/id/1032459", "url": "http://www.securitytracker.com/id/1032459" }, { "category": "external", "summary": "https://bugs.php.net/bug.php?id=69085", "url": "https://bugs.php.net/bug.php?id=69085" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/201606-10", "url": "https://security.gentoo.org/glsa/201606-10" }, { "category": "external", "summary": "https://support.apple.com/kb/HT205031", "url": "https://support.apple.com/kb/HT205031" } ], "release_date": "2015-06-09T18:59:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-22T08:48:59.339528Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ], "url": "https://cve.tuxcare.com/els-alt-php/releases/CLSA-2026:1779439736" }, { "category": "none_available", "date": "2015-06-09T18:59:00Z", "details": "Affected", "product_ids": [ "Debian-13:alt-php52-0:5.2.17-218.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-218.amd64", "Debian-13:alt-php52-cli-0:5.2.17-218.amd64", "Debian-13:alt-php52-common-0:5.2.17-218.amd64", "Debian-13:alt-php52-dba-0:5.2.17-218.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-218.amd64", "Debian-13:alt-php52-dev-0:5.2.17-218.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-218.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-218.amd64", "Debian-13:alt-php52-gd-0:5.2.17-218.amd64", "Debian-13:alt-php52-imap-0:5.2.17-218.amd64", "Debian-13:alt-php52-intl-0:5.2.17-218.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-218.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-218.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-218.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-218.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-218.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-218.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-218.amd64", "Debian-13:alt-php52-process-0:5.2.17-218.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-218.amd64", "Debian-13:alt-php52-recode-0:5.2.17-218.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-218.amd64", "Debian-13:alt-php52-soap-0:5.2.17-218.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-218.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-218.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-218.amd64", "Debian-13:alt-php52-xml-0:5.2.17-218.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-218.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Debian-13:alt-php52-0:5.2.17-221.amd64", "Debian-13:alt-php52-0:5.2.17-221.arm64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.amd64", "Debian-13:alt-php52-bcmath-0:5.2.17-221.arm64", "Debian-13:alt-php52-cli-0:5.2.17-221.amd64", "Debian-13:alt-php52-cli-0:5.2.17-221.arm64", "Debian-13:alt-php52-common-0:5.2.17-221.amd64", "Debian-13:alt-php52-common-0:5.2.17-221.arm64", "Debian-13:alt-php52-dba-0:5.2.17-221.amd64", "Debian-13:alt-php52-dba-0:5.2.17-221.arm64", "Debian-13:alt-php52-dbx-0:5.2.17-221.amd64", "Debian-13:alt-php52-dbx-0:5.2.17-221.arm64", "Debian-13:alt-php52-dev-0:5.2.17-221.amd64", "Debian-13:alt-php52-dev-0:5.2.17-221.arm64", "Debian-13:alt-php52-enchant-0:5.2.17-221.amd64", "Debian-13:alt-php52-enchant-0:5.2.17-221.arm64", "Debian-13:alt-php52-firebird-0:5.2.17-221.amd64", "Debian-13:alt-php52-firebird-0:5.2.17-221.arm64", "Debian-13:alt-php52-gd-0:5.2.17-221.amd64", "Debian-13:alt-php52-gd-0:5.2.17-221.arm64", "Debian-13:alt-php52-imap-0:5.2.17-221.amd64", "Debian-13:alt-php52-imap-0:5.2.17-221.arm64", "Debian-13:alt-php52-intl-0:5.2.17-221.amd64", "Debian-13:alt-php52-intl-0:5.2.17-221.arm64", "Debian-13:alt-php52-ldap-0:5.2.17-221.amd64", "Debian-13:alt-php52-ldap-0:5.2.17-221.arm64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.amd64", "Debian-13:alt-php52-mbstring-0:5.2.17-221.arm64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.amd64", "Debian-13:alt-php52-mcrypt-0:5.2.17-221.arm64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.amd64", "Debian-13:alt-php52-mysqlnd-0:5.2.17-221.arm64", "Debian-13:alt-php52-odbc-0:5.2.17-221.amd64", "Debian-13:alt-php52-odbc-0:5.2.17-221.arm64", "Debian-13:alt-php52-pdo-0:5.2.17-221.amd64", "Debian-13:alt-php52-pdo-0:5.2.17-221.arm64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.amd64", "Debian-13:alt-php52-pgsql-0:5.2.17-221.arm64", "Debian-13:alt-php52-process-0:5.2.17-221.amd64", "Debian-13:alt-php52-process-0:5.2.17-221.arm64", "Debian-13:alt-php52-pspell-0:5.2.17-221.amd64", "Debian-13:alt-php52-pspell-0:5.2.17-221.arm64", "Debian-13:alt-php52-recode-0:5.2.17-221.amd64", "Debian-13:alt-php52-recode-0:5.2.17-221.arm64", "Debian-13:alt-php52-snmp-0:5.2.17-221.amd64", "Debian-13:alt-php52-snmp-0:5.2.17-221.arm64", "Debian-13:alt-php52-soap-0:5.2.17-221.amd64", "Debian-13:alt-php52-soap-0:5.2.17-221.arm64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.amd64", "Debian-13:alt-php52-sqlite-0:5.2.17-221.arm64", "Debian-13:alt-php52-sybase-0:5.2.17-221.amd64", "Debian-13:alt-php52-sybase-0:5.2.17-221.arm64", "Debian-13:alt-php52-tidy-0:5.2.17-221.amd64", "Debian-13:alt-php52-tidy-0:5.2.17-221.arm64", "Debian-13:alt-php52-xml-0:5.2.17-221.amd64", "Debian-13:alt-php52-xml-0:5.2.17-221.arm64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.amd64", "Debian-13:alt-php52-xmlrpc-0:5.2.17-221.arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }