[CLSA-2026:1778663827] php: Fix of CVE-2026-6735
Type:
security
Severity:
Moderate
Release date:
2026-05-15 22:12:41 UTC
Description:
- CVE-2026-6735: reflected XSS in PHP-FPM status endpoint via unescaped request URI in HTML/XML output (fpm_status_handle_request)
Updated packages:
  • php-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:b6353f26a6d57b9b22be4696e56d774e5565b1cb729434c8561a1276ca4ca36b
  • php-bcmath-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:b36ca217e474426612d18a1d37690137fc41dddfbdd6f2f6060259a10e07cb5e
  • php-cli-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:cb3ef554367870e5ebfd94d1dbbfa979ff95164d39cace6dc42c75cd286b7a38
  • php-common-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:8bb2621fbbe4b5e3b9584be450792b806015b320b549a70b7399e6fac8e4f49f
  • php-dba-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:3cd93939a0efd06d41a612bb89344d0f84b9c7daa569dd7100284e5634c5e845
  • php-devel-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:5558783bb2b264885976890ff5b6750edc11b86d6e06c3a9f9c259ca8b618130
  • php-embedded-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:04f419f690e29dee768b8ea93fa10ad82f25f1b08725c6d1f7f826dc81c8dd8f
  • php-enchant-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:730c106d029d0ee5d74f569f2e362883af3a4924830130de0f88af16a305ed97
  • php-fpm-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:680b7c04cbe6537d3066b09bc1857ea60295aa3d4d017ae8e1522442d221f32c
  • php-gd-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:36cc1ba23041ea3a2e75bb0bc34c7293843b16fe04041843c3226095d853b8f0
  • php-intl-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:9232e1387818ddb5c8e8adcb65813f8cbb7676c81d4c0adc26f80136dd9af4ea
  • php-ldap-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:c4bdc7b11c64ec576aa1352848ff8b8c7d0127516a25aec7cea43e91687b0854
  • php-mbstring-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:090d2f1504190024875953189c5d748a0b30f4eb78001c6fbd42dacff6191d26
  • php-mysql-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:863253b9346e21c0733bd9e81ff9d2a92c47b55b87a6676838db02f764fab567
  • php-mysqlnd-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:b38cc3c2c6cbee3f03af27cfe97ebaab9a4d701609fb77e87c375d9386e9a72d
  • php-odbc-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:7e95bd0b2c8fad9a0742e0c8cee833e14cb6020663f5946024769bb3ef8174b3
  • php-pdo-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:b9d69ffed2d1582f50267f3b1d7c4576b6a92bf2312f0e6bd28f569da73d098b
  • php-pgsql-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:94a8df0a9384302cad6e74e1b61a075c5a00a354b493df0ecf74ece96e9de4c7
  • php-process-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:2436a54607760594922e5cfd0228b111551c2f181bb45a2f975dd5bcde2a7887
  • php-pspell-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:bdfbbd5d78fb6c4f4f684eaf60509764ee9656e029d7f66bb20780a242552fb6
  • php-recode-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:5ecf55be0268cbb7c896549429f24bc26a4819d986c9f0b6eec99631c843fac7
  • php-snmp-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:c92ef3c5184a4cba2dcc4929405c21c979779878b5725dd52edf32e133afc99a
  • php-soap-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:d64745c189adcc0622d9e2765d0541a5cc5e9e6876d04092c092e8c9b83c749c
  • php-xml-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:70cc62a59cb2f22db7217f2f47285e6a696431753cbf6e532e8e48de2abbcc06
  • php-xmlrpc-5.4.16-48.el7.tuxcare.els19.x86_64.rpm
    sha:20b21d3eb11014fb932c7693c03e7ea18ae79254780dd455605417a0ba87d25d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.