CLSA-2024-1735311613

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2024-1735311613

Upstream

CVE-2023-0567

CVE-2023-3247

Published

2024-12-27T15:00:20Z

Modified

2026-06-01T00:32:57.233512561Z

Summary

php: Fix of 2 CVEs

Details

CVE-2023-0567: fix issue causing password_verify() function to accept invalid Blowfish hashes as valid
CVE-2023-3247: fix issue with SOAP HTTP Digest Authentication random value generator not checking for failure, leading to disclosure of uninitialized memory and easier guessing of client's nonce
Fix SOAP leaking http_msg on error

References

https://errata.tuxcare.com/centos8stream-els/CLSA-2024-1735311613.html

Affected packages

TuxCare:CentOS-Stream:8

php

Package

Name: php
Purl: pkg:rpm/tuxcare/php?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-bcmath

Package

Name: php-bcmath
Purl: pkg:rpm/tuxcare/php-bcmath?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-cli

Package

Name: php-cli
Purl: pkg:rpm/tuxcare/php-cli?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-common

Package

Name: php-common
Purl: pkg:rpm/tuxcare/php-common?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-dba

Package

Name: php-dba
Purl: pkg:rpm/tuxcare/php-dba?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-dbg

Package

Name: php-dbg
Purl: pkg:rpm/tuxcare/php-dbg?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-devel

Package

Name: php-devel
Purl: pkg:rpm/tuxcare/php-devel?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-embedded

Package

Name: php-embedded
Purl: pkg:rpm/tuxcare/php-embedded?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-enchant

Package

Name: php-enchant
Purl: pkg:rpm/tuxcare/php-enchant?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-fpm

Package

Name: php-fpm
Purl: pkg:rpm/tuxcare/php-fpm?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-gd

Package

Name: php-gd
Purl: pkg:rpm/tuxcare/php-gd?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-gmp

Package

Name: php-gmp
Purl: pkg:rpm/tuxcare/php-gmp?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-intl

Package

Name: php-intl
Purl: pkg:rpm/tuxcare/php-intl?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-json

Package

Name: php-json
Purl: pkg:rpm/tuxcare/php-json?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-ldap

Package

Name: php-ldap
Purl: pkg:rpm/tuxcare/php-ldap?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-mbstring

Package

Name: php-mbstring
Purl: pkg:rpm/tuxcare/php-mbstring?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-mysqlnd

Package

Name: php-mysqlnd
Purl: pkg:rpm/tuxcare/php-mysqlnd?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-odbc

Package

Name: php-odbc
Purl: pkg:rpm/tuxcare/php-odbc?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-opcache

Package

Name: php-opcache
Purl: pkg:rpm/tuxcare/php-opcache?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-pdo

Package

Name: php-pdo
Purl: pkg:rpm/tuxcare/php-pdo?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-pgsql

Package

Name: php-pgsql
Purl: pkg:rpm/tuxcare/php-pgsql?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-process

Package

Name: php-process
Purl: pkg:rpm/tuxcare/php-process?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-recode

Package

Name: php-recode
Purl: pkg:rpm/tuxcare/php-recode?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-snmp

Package

Name: php-snmp
Purl: pkg:rpm/tuxcare/php-snmp?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-soap

Package

Name: php-soap
Purl: pkg:rpm/tuxcare/php-soap?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-xml

Package

Name: php-xml
Purl: pkg:rpm/tuxcare/php-xml?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"

php-xmlrpc

Package

Name: php-xmlrpc
Purl: pkg:rpm/tuxcare/php-xmlrpc?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.24-1.module_el8+2253+450c6754.tuxcare.els9

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1735311613.json"