CLSA-2025-1736284875

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2025-1736284875

Upstream

CVE-2022-31629

CVE-2024-2756

CVE-2024-3096

Published

2025-01-07T21:21:22Z

Modified

2026-06-01T00:33:20.807747422Z

Summary

php: Fix of 3 CVEs

Details

CVE-2024-2756: Fix issue introduced by incomplete fix of CVE-2022-31629 to prevent network and same-site attackers from setting insecure cookies in victim's browser
CVE-2024-3096: Fix issue where password_verify() incorrectly returns true when testing a blank string with password starting with a null byte

References

https://errata.cloudlinux.com/centos8.4-els/CLSA-2025-1736284875.html

Affected packages

TuxCare:CentOS:8.4

php

Package

Name: php
Purl: pkg:rpm/tuxcare/php?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-bcmath

Package

Name: php-bcmath
Purl: pkg:rpm/tuxcare/php-bcmath?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-cli

Package

Name: php-cli
Purl: pkg:rpm/tuxcare/php-cli?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-common

Package

Name: php-common
Purl: pkg:rpm/tuxcare/php-common?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-dba

Package

Name: php-dba
Purl: pkg:rpm/tuxcare/php-dba?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-dbg

Package

Name: php-dbg
Purl: pkg:rpm/tuxcare/php-dbg?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-devel

Package

Name: php-devel
Purl: pkg:rpm/tuxcare/php-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-embedded

Package

Name: php-embedded
Purl: pkg:rpm/tuxcare/php-embedded?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-enchant

Package

Name: php-enchant
Purl: pkg:rpm/tuxcare/php-enchant?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-ffi

Package

Name: php-ffi
Purl: pkg:rpm/tuxcare/php-ffi?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-fpm

Package

Name: php-fpm
Purl: pkg:rpm/tuxcare/php-fpm?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-gd

Package

Name: php-gd
Purl: pkg:rpm/tuxcare/php-gd?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-gmp

Package

Name: php-gmp
Purl: pkg:rpm/tuxcare/php-gmp?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-intl

Package

Name: php-intl
Purl: pkg:rpm/tuxcare/php-intl?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-json

Package

Name: php-json
Purl: pkg:rpm/tuxcare/php-json?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-ldap

Package

Name: php-ldap
Purl: pkg:rpm/tuxcare/php-ldap?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-mbstring

Package

Name: php-mbstring
Purl: pkg:rpm/tuxcare/php-mbstring?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-mysqlnd

Package

Name: php-mysqlnd
Purl: pkg:rpm/tuxcare/php-mysqlnd?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-odbc

Package

Name: php-odbc
Purl: pkg:rpm/tuxcare/php-odbc?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-opcache

Package

Name: php-opcache
Purl: pkg:rpm/tuxcare/php-opcache?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-pdo

Package

Name: php-pdo
Purl: pkg:rpm/tuxcare/php-pdo?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-pgsql

Package

Name: php-pgsql
Purl: pkg:rpm/tuxcare/php-pgsql?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-process

Package

Name: php-process
Purl: pkg:rpm/tuxcare/php-process?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-snmp

Package

Name: php-snmp
Purl: pkg:rpm/tuxcare/php-snmp?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-soap

Package

Name: php-soap
Purl: pkg:rpm/tuxcare/php-soap?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-xml

Package

Name: php-xml
Purl: pkg:rpm/tuxcare/php-xml?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"

php-xmlrpc

Package

Name: php-xmlrpc
Purl: pkg:rpm/tuxcare/php-xmlrpc?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1736284875.json"