CLSA-2026-1778787692

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778787692

Upstream

CVE-2026-7258

CVE-2026-7262

CVE-2026-7568

Published

2026-05-14T19:41:39Z

Modified

2026-06-04T09:45:11.778997527Z

Summary

Fix CVE(s): CVE-2026-7258, CVE-2026-7262, CVE-2026-7568

Details

SECURITY UPDATE: NULL pointer dereference in SOAP apache:Map decoder
- debian/patches/CVE-2026-7262.patch: fix wrong variable checked in tozvalmap() NULL check, changing if (!xmlKey) to if (!xmlValue)
- CVE-2026-7262
SECURITY UPDATE: Signed integer overflow in metaphone() char array offset
- debian/patches/CVE-2026-7568.patch: widen widx in metaphone() and howfar/idx in Lookahead() from int to size_t in ext/standard/metaphone.c to prevent signed overflow on inputs exceeding 2^31 bytes
- CVE-2026-7568
SECURITY UPDATE: Denial of service via signed char passed to ctype functions
- debian/patches/CVE-2026-7258.patch: consistently cast chars to unsigned char before all ctype.h calls (isxdigit, isdigit, isalpha, isalnum, isspace, tolower, toupper) across 54 files including ext/standard/url.c (phpurldecode, phprawurldecode) and ext/standard/formattedprint.c, Zend/zendvirtualcwd.c, and others
- CVE-2026-7258

References

https://errata.tuxcare.com/els_os/ubuntu20.04els/CLSA-2026-1778787692.html

Affected packages

TuxCare:Ubuntu:20.04

libapache2-mod-php7.4

Package

Name: libapache2-mod-php7.4
Purl: pkg:deb/tuxcare/libapache2-mod-php7.4?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

libphp7.4-embed

Package

Name: libphp7.4-embed
Purl: pkg:deb/tuxcare/libphp7.4-embed?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4

Package

Name: php7.4
Purl: pkg:deb/tuxcare/php7.4?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-bcmath

Package

Name: php7.4-bcmath
Purl: pkg:deb/tuxcare/php7.4-bcmath?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-bz2

Package

Name: php7.4-bz2
Purl: pkg:deb/tuxcare/php7.4-bz2?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-cgi

Package

Name: php7.4-cgi
Purl: pkg:deb/tuxcare/php7.4-cgi?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-cli

Package

Name: php7.4-cli
Purl: pkg:deb/tuxcare/php7.4-cli?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-common

Package

Name: php7.4-common
Purl: pkg:deb/tuxcare/php7.4-common?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-curl

Package

Name: php7.4-curl
Purl: pkg:deb/tuxcare/php7.4-curl?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-dba

Package

Name: php7.4-dba
Purl: pkg:deb/tuxcare/php7.4-dba?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-dev

Package

Name: php7.4-dev
Purl: pkg:deb/tuxcare/php7.4-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-enchant

Package

Name: php7.4-enchant
Purl: pkg:deb/tuxcare/php7.4-enchant?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-fpm

Package

Name: php7.4-fpm
Purl: pkg:deb/tuxcare/php7.4-fpm?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-gd

Package

Name: php7.4-gd
Purl: pkg:deb/tuxcare/php7.4-gd?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-gmp

Package

Name: php7.4-gmp
Purl: pkg:deb/tuxcare/php7.4-gmp?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-imap

Package

Name: php7.4-imap
Purl: pkg:deb/tuxcare/php7.4-imap?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-interbase

Package

Name: php7.4-interbase
Purl: pkg:deb/tuxcare/php7.4-interbase?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-intl

Package

Name: php7.4-intl
Purl: pkg:deb/tuxcare/php7.4-intl?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-json

Package

Name: php7.4-json
Purl: pkg:deb/tuxcare/php7.4-json?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-ldap

Package

Name: php7.4-ldap
Purl: pkg:deb/tuxcare/php7.4-ldap?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-mbstring

Package

Name: php7.4-mbstring
Purl: pkg:deb/tuxcare/php7.4-mbstring?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-mysql

Package

Name: php7.4-mysql
Purl: pkg:deb/tuxcare/php7.4-mysql?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-odbc

Package

Name: php7.4-odbc
Purl: pkg:deb/tuxcare/php7.4-odbc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-opcache

Package

Name: php7.4-opcache
Purl: pkg:deb/tuxcare/php7.4-opcache?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-pgsql

Package

Name: php7.4-pgsql
Purl: pkg:deb/tuxcare/php7.4-pgsql?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-phpdbg

Package

Name: php7.4-phpdbg
Purl: pkg:deb/tuxcare/php7.4-phpdbg?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-pspell

Package

Name: php7.4-pspell
Purl: pkg:deb/tuxcare/php7.4-pspell?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-readline

Package

Name: php7.4-readline
Purl: pkg:deb/tuxcare/php7.4-readline?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-snmp

Package

Name: php7.4-snmp
Purl: pkg:deb/tuxcare/php7.4-snmp?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-soap

Package

Name: php7.4-soap
Purl: pkg:deb/tuxcare/php7.4-soap?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-sqlite3

Package

Name: php7.4-sqlite3
Purl: pkg:deb/tuxcare/php7.4-sqlite3?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-sybase

Package

Name: php7.4-sybase
Purl: pkg:deb/tuxcare/php7.4-sybase?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-tidy

Package

Name: php7.4-tidy
Purl: pkg:deb/tuxcare/php7.4-tidy?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-xml

Package

Name: php7.4-xml
Purl: pkg:deb/tuxcare/php7.4-xml?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-xmlrpc

Package

Name: php7.4-xmlrpc
Purl: pkg:deb/tuxcare/php7.4-xmlrpc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-xsl

Package

Name: php7.4-xsl
Purl: pkg:deb/tuxcare/php7.4-xsl?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"

php7.4-zip

Package

Name: php7.4-zip
Purl: pkg:deb/tuxcare/php7.4-zip?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.3-4ubuntu2.29+tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778787692.json"