RHSA-2024:10951MediumCVSS 7.5

Red Hat Security Advisory: php:8.2 security update

Published
December 11, 2024
Last Modified
June 30, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2024-2756 — php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-3096 — php: password_verify can erroneously return true, opening ATO risk CVE-2024-5458 — php: Filter bypass in filter_var (FILTER_VALIDATE_URL) CVE-2024-8925 — php: Erroneous parsing of multipart form data CVE-2024-8927 — php: cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-9026 — php: PHP-FPM Log Manipulation Vulnerability

🔗 References (10)