
Test ID: 1.3.6.1.4.1.25623.1.1.9.2025.41017101299401010
Category: Fedora Local Security Checks
Title: Fedora: Security Advisory (FEDORA-2025-4e7e2c40e0)
Summary: The remote host is missing an update for the 'php' package(s) announced via the FEDORA-2025-4e7e2c40e0 advisory.
Description:
Summary:
The remote host is missing an update for the 'php' package(s) announced via the FEDORA-2025-4e7e2c40e0 advisory.

Vulnerability Insight:
**PHP version 8.3.19** (13 Mar 2025)

**BCMath:**

* Fixed bug [GH-17398]([link moved to references]) (bcmul memory leak). (SakiTakamachi)

**Core:**

* Fixed bug [GH-17623]([link moved to references]) (Broken stack overflow detection for variable compilation). (ilutov)
* Fixed bug [GH-17618]([link moved to references]) (UnhandledMatchError does not take zend.exception_ignore_args=1 into account). (timwolla)
* Fix fallback paths in fast_long_{add,sub}_function. (nielsdos)
* Fixed bug [GH-17718]([link moved to references]) (Calling static methods on an interface that has `__callStatic` is allowed). (timwolla)
* Fixed bug [GH-17797]([link moved to references]) (zend_test_compile_string crash on invalid script path). (David Carlier)
* Fixed [GHSA-rwp7-7vc6-8477]([link moved to references]) (Reference counting in php_request_shutdown causes Use-After-Free). (**CVE-2024-11235**) (ilutov)

**DOM:**

* Fixed bug [GH-17847]([link moved to references]) (xinclude destroys live node). (nielsdos)

**FFI:**

* Fix FFI Parsing of Pointer Declaration Lists. (davnotdev)

**FPM:**

* Fixed bug [GH-17643]([link moved to references]) (FPM with httpd ProxyPass encoded PATH_INFO env). (Jakub Zelenka)

**GD:**

* Fixed bug [GH-17772]([link moved to references]) (imagepalettetotruecolor crash with memory_limit=2M). (David Carlier)

**LDAP:**

* Fixed bug [GH-17704]([link moved to references]) (ldap_search fails when $attributes contains a non-packed array with numerical keys). (nielsdos, 7u83)

**LibXML:**

* Fixed [GHSA-wg4p-4hqh-c3g9]([link moved to references]) (Reoccurrence of php#72714). (nielsdos)
* Fixed [GHSA-p3x9-6h7p-cgfc]([link moved to references]) (libxml streams use wrong `content-type` header when requesting a redirected resource). (**CVE-2025-1219**) (timwolla)

**MBString:**

* Fixed bug [GH-17503]([link moved to references]) (Undefined float conversion in mb_convert_variables). (cmb)

**Opcache:**

* Fixed bug [GH-17654]([link moved to references]) (Multiple classes using same trait causes function JIT crash). (nielsdos)
* Fixed bug [GH-17577]([link moved to references]) (JIT packed type guard crash). (nielsdos, Dmitry)
* Fixed bug [GH-17899]([link moved to references]) (zend_test_compile_string with invalid path when opcache is enabled). (David Carlier)
* Fixed bug [GH-17868]([link moved to references]) (Cannot allocate memory with tracing JIT). (nielsdos)

**PDO_SQLite:**

* Fixed [GH-17837]([link moved to references]) ()::getColumnMeta() on unexecuted statement segfaults). (cmb)
* Fix cycle leak in sqlite3 setAuthorizer(). (nielsdos)

**Phar:**

* Fixed bug [GH-17808]([link moved to references]): PharFileInfo refcount bug. (nielsdos)

**PHPDBG:**

* Partially fixed bug [GH-17387]([link moved to references]) (Trivial crash in phpdbg lexer). (nielsdos)
* Fix memory leak in phpdbg calling registered function. (nielsdos)

**Reflection:**

* Fixed bug [GH-15902]([link moved to ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'php' package(s) on Fedora 40.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2024-11235
Common Vulnerability Exposure (CVE) ID: CVE-2025-1217
Common Vulnerability Exposure (CVE) ID: CVE-2025-1219
Common Vulnerability Exposure (CVE) ID: CVE-2025-1734
Common Vulnerability Exposure (CVE) ID: CVE-2025-1736
Common Vulnerability Exposure (CVE) ID: CVE-2025-1861
Copyright: Copyright (C) 2025 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.