CLSA-2025-1761577285

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2025-1761577285

Upstream

CVE-2017-9118

CVE-2024-11233

CVE-2024-11234

CVE-2024-8927

CVE-2025-1735

Published

2025-10-27T15:01:32Z

Modified

2026-06-04T10:03:56.018751073Z

Summary

Fix of 5 CVEs

Details

SECURITY UPDATE: out-of-bounds access
- debian/patches/CVE-2017-9118.patch: fix out of bounds access in phppcrereplace_impl
- CVE-2017-9118
SECURITY UPDATE: improper validation of HTTPREDIRECTSTATUS variable in CGI binary
- debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove references to redirect.so and Netscape; check configuration override first
- CVE-2024-8927
SECURITY UPDATE: buffer overread vulnerability
- debian/patches/CVE-2024-11233.patch: move bound check upwards to fix single byte overread with convert.quoted-printable-decode filter
- CVE-2024-11233
SECURITY UPDATE: URI is not properly sanitized
- debian/patches/CVE-2024-11234.patch: when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user
- CVE-2024-11234
SECURITY UPDATE: incomplete check in escaping functions
- debian/patches/CVE-2025-1735.patch: pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.
- CVE-2025-1735

References

https://errata.tuxcare.com/els_os/debian10els/CLSA-2025-1761577285.html

Affected packages

TuxCare:Debian:10

libapache2-mod-php7.3

Package

Name: libapache2-mod-php7.3
Purl: pkg:deb/tuxcare/libapache2-mod-php7.3?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

libphp7.3-embed

Package

Name: libphp7.3-embed
Purl: pkg:deb/tuxcare/libphp7.3-embed?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3

Package

Name: php7.3
Purl: pkg:deb/tuxcare/php7.3?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-bcmath

Package

Name: php7.3-bcmath
Purl: pkg:deb/tuxcare/php7.3-bcmath?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-bz2

Package

Name: php7.3-bz2
Purl: pkg:deb/tuxcare/php7.3-bz2?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-cgi

Package

Name: php7.3-cgi
Purl: pkg:deb/tuxcare/php7.3-cgi?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-cli

Package

Name: php7.3-cli
Purl: pkg:deb/tuxcare/php7.3-cli?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-common

Package

Name: php7.3-common
Purl: pkg:deb/tuxcare/php7.3-common?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-curl

Package

Name: php7.3-curl
Purl: pkg:deb/tuxcare/php7.3-curl?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-dba

Package

Name: php7.3-dba
Purl: pkg:deb/tuxcare/php7.3-dba?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-dev

Package

Name: php7.3-dev
Purl: pkg:deb/tuxcare/php7.3-dev?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-enchant

Package

Name: php7.3-enchant
Purl: pkg:deb/tuxcare/php7.3-enchant?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-fpm

Package

Name: php7.3-fpm
Purl: pkg:deb/tuxcare/php7.3-fpm?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-gd

Package

Name: php7.3-gd
Purl: pkg:deb/tuxcare/php7.3-gd?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-gmp

Package

Name: php7.3-gmp
Purl: pkg:deb/tuxcare/php7.3-gmp?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-imap

Package

Name: php7.3-imap
Purl: pkg:deb/tuxcare/php7.3-imap?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-interbase

Package

Name: php7.3-interbase
Purl: pkg:deb/tuxcare/php7.3-interbase?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-intl

Package

Name: php7.3-intl
Purl: pkg:deb/tuxcare/php7.3-intl?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-json

Package

Name: php7.3-json
Purl: pkg:deb/tuxcare/php7.3-json?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-ldap

Package

Name: php7.3-ldap
Purl: pkg:deb/tuxcare/php7.3-ldap?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-mbstring

Package

Name: php7.3-mbstring
Purl: pkg:deb/tuxcare/php7.3-mbstring?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-mysql

Package

Name: php7.3-mysql
Purl: pkg:deb/tuxcare/php7.3-mysql?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-odbc

Package

Name: php7.3-odbc
Purl: pkg:deb/tuxcare/php7.3-odbc?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-opcache

Package

Name: php7.3-opcache
Purl: pkg:deb/tuxcare/php7.3-opcache?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-pgsql

Package

Name: php7.3-pgsql
Purl: pkg:deb/tuxcare/php7.3-pgsql?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-phpdbg

Package

Name: php7.3-phpdbg
Purl: pkg:deb/tuxcare/php7.3-phpdbg?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-pspell

Package

Name: php7.3-pspell
Purl: pkg:deb/tuxcare/php7.3-pspell?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-readline

Package

Name: php7.3-readline
Purl: pkg:deb/tuxcare/php7.3-readline?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-recode

Package

Name: php7.3-recode
Purl: pkg:deb/tuxcare/php7.3-recode?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-snmp

Package

Name: php7.3-snmp
Purl: pkg:deb/tuxcare/php7.3-snmp?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-soap

Package

Name: php7.3-soap
Purl: pkg:deb/tuxcare/php7.3-soap?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-sqlite3

Package

Name: php7.3-sqlite3
Purl: pkg:deb/tuxcare/php7.3-sqlite3?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-sybase

Package

Name: php7.3-sybase
Purl: pkg:deb/tuxcare/php7.3-sybase?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-tidy

Package

Name: php7.3-tidy
Purl: pkg:deb/tuxcare/php7.3-tidy?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-xml

Package

Name: php7.3-xml
Purl: pkg:deb/tuxcare/php7.3-xml?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-xmlrpc

Package

Name: php7.3-xmlrpc
Purl: pkg:deb/tuxcare/php7.3-xmlrpc?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-xsl

Package

Name: php7.3-xsl
Purl: pkg:deb/tuxcare/php7.3-xsl?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"

php7.3-zip

Package

Name: php7.3-zip
Purl: pkg:deb/tuxcare/php7.3-zip?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.3.31-1~deb10u7+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761577285.json"