CVE-2019-9024

Updated: 2024-11-22 01:58:10.505762

Description:

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

EL 6 PHP php 7.4 7.5 HIGH Ignored 2024-05-14 17:19:34
EL 6 PHP php 8.0 7.5 HIGH Ignored 2024-05-14 17:19:34
EL 6 PHP php 5.5 7.5 HIGH Ignored 2024-05-14 17:19:33
EL 6 PHP php 5.6 7.5 HIGH Ignored 2024-05-14 17:19:31
EL 6 PHP php 7.1 7.5 HIGH Ignored 2024-05-14 17:19:30
EL 6 PHP php 8.1 7.5 HIGH Ignored 2024-05-14 17:19:29
EL 6 PHP php 7.0 7.5 HIGH Ignored 2024-05-14 17:19:31
EL 6 PHP php 8.2 7.5 HIGH Ignored 2024-05-14 17:19:32
EL 6 PHP php 5.1 7.5 HIGH Ignored 2024-05-14 17:19:38
EL 6 PHP php 5.2 7.5 HIGH Ignored 2024-05-14 17:19:38
Total: 86