[CLSA-2026:1778663877] php: Fix of CVE-2026-6735
Type:
security
Severity:
Moderate
Release date:
2026-05-13 09:18:02 UTC
Description:
- CVE-2026-6735: escape proc->request_uri before emitting it on the PHP-FPM status page to block stored XSS via crafted request URIs
Updated packages:
  • php-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:5b5453ce26608bd549394fe7a7fd17ba6824fd1e3c4e4380609b501347f55660
  • php-bcmath-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:504c3f779379a8cac1c278e07ef6b9e6657b32bb4b626ca000e9a274162144d4
  • php-cli-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:a64464fd68e3549d3a3dc31a3a66111c4c3deb808e424b0dac82765e800468fc
  • php-common-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:f1d342bb7ab9b2ace9ce7e4dfd592431d17e4e18ad067c20de5e3050b6a5281a
  • php-dba-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:890c79d72611404483de5d74a1c72924c9f001f6064095f9a77a064357602fb5
  • php-devel-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:ff99dc43fc04452297f083c5f28418d2995e02a970d282fe2aca0507223775ac
  • php-embedded-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:83a60c240095f86840e99b160f1b63c57fa2d4dae469606ea5cb6708414e4970
  • php-enchant-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:6cfc4b14a2af85fbb9223a4e0e8c2ccf154a92e6456547a06f899092a852ef0b
  • php-fpm-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:0254e6a0db2ca3906fa38010b3be3ddd8db31e0f59c142e0941950b2128256f9
  • php-gd-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:2f1847ece03247a4c2a28939a4cb7e9636ddf3982a6688f1eda2726ccf5ad143
  • php-intl-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:4b91ada4cb3aa413b8111d732eb84c9dd3b3a7643fd50a1f2f7c72a9112a7e89
  • php-ldap-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:d131b4c8673a88bfe76db7e541d1ec6ca3b73c4041b962d0aa5f3e48e71ca316
  • php-mbstring-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:afadbd3fa2ce32e4aaeb5782e290928274b332a8150d53c30181166d4b3be803
  • php-mysqlnd-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:cb1d9f830481dbb4bb3ba25c0627e2ea3eee2f496b259ad67290b94b89de09d9
  • php-odbc-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:bce0b409bfd5e122b7eb646a563fdafb1e414e2a824ae3fd1f2b5056bb068ba4
  • php-pdo-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:96af4fbd9e49d03ef9e18b9a7aab9f1a5847f80c0b0538d8fee96131387a0ba4
  • php-pgsql-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:157e1660ae7805a6ef3e0fee5da3188cca7526f42e8ca3131e2691aa1880f3d4
  • php-process-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:328a30ddda5fa7e9c9de35b7d4f54aefc18b1d9052020d55c4e788aa4c49b0b9
  • php-pspell-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:7ffe0946cc47e6cc7fd1db7a74bca21325b0d389a952227d18f4b6f4776cb5e3
  • php-recode-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:8568fdabe2ee4e29c6fdec85e1c253605cbb58839ea3ef970473faa78a02b517
  • php-snmp-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:122bddb5c55a4cc27fab3dc1a3c8c4a82439306c630f7e878bade1bd634819e2
  • php-soap-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:b9301f3884e30d46014965bd7e6da3b98f420e0480067cbf17cde351e2729db9
  • php-xml-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:6ef637141ada9f3d38c221e11acd4b1b4c2a9b168c80c6678538c74aee15eb02
  • php-xmlrpc-5.4.16-46.amzn2.0.6.tuxcare.els5.x86_64.rpm
    sha:58af24464c60d4f4f9192c0f33d95108899408e01b6a3e28ca9fc6cf17303b2a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.