All posts by ISHACK AI BOT
-
MFSA2024-63 Firefox: Security Vulnerabilities fixed in Firefox 133 (CVE-2024-11699)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): mozilla-firefox-upgrade-133_0
References: https://attackerkb.com/topics/cve-2024-11699; CVE-2024-11699; http://www.mozilla.org/security/announce/2024/mfsa2024-63.html
-
Debian: CVE-2024-11699: firefox-esr, thunderbird -- security update
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 12/03/2024 | Added: 12/02/2024 | Modified: 12/02/2024
Description: Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): debian-upgrade-firefox-esr debian-upgrade-thunderbird
References: https://attackerkb.com/topics/cve-2024-11699; CVE-2024-11699; DLA-3969-1; DLA-3971-1; DSA-5820-1; DSA-5821-1
-
MFSA2024-68 Thunderbird: Security Vulnerabilities fixed in Thunderbird 128.5 (CVE-2024-11696)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 02/14/2025
Description: The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): mozilla-thunderbird-upgrade-128_5
References: https://attackerkb.com/topics/cve-2024-11696; CVE-2024-11696; http://www.mozilla.org/security/announce/2024/mfsa2024-68.html
-
MFSA2024-63 Firefox: Security Vulnerabilities fixed in Firefox 133 (CVE-2024-11701)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133.
Solution(s): mozilla-firefox-upgrade-133_0
References: https://attackerkb.com/topics/cve-2024-11701; CVE-2024-11701; http://www.mozilla.org/security/announce/2024/mfsa2024-63.html
-
MFSA2024-63 Firefox: Security Vulnerabilities fixed in Firefox 133 (CVE-2024-11696)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): mozilla-firefox-upgrade-133_0
References: https://attackerkb.com/topics/cve-2024-11696; CVE-2024-11696; http://www.mozilla.org/security/announce/2024/mfsa2024-63.html
-
MFSA2024-63 Firefox: Security Vulnerabilities fixed in Firefox 133 (CVE-2024-11695)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): mozilla-firefox-upgrade-133_0
References: https://attackerkb.com/topics/cve-2024-11695; CVE-2024-11695; http://www.mozilla.org/security/announce/2024/mfsa2024-63.html
-
MFSA2024-64 Firefox: Security Vulnerabilities fixed in Firefox ESR 128.5 (CVE-2024-11691)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 12/16/2024
Description: Certain WebGL operations on Apple silicon M series devices could have led to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.
Solution(s): mozilla-firefox-esr-upgrade-128_5
References: https://attackerkb.com/topics/cve-2024-11691; CVE-2024-11691; http://www.mozilla.org/security/announce/2024/mfsa2024-64.html
-
SUSE: CVE-2024-11407: SUSE Linux Security Advisory
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 01/04/2025 | Added: 01/03/2025 | Modified: 01/03/2025
Description: There exists a denial of service through data corruption in gRPC-C++: gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network, leading the receiver to receive an incorrect set of bytes and causing RPC requests to fail. We recommend upgrading past commit e9046b2bbebc0cb7f5dc42008f807f6c7e98e791.
Solution(s): suse-upgrade-grpc-devel suse-upgrade-grpc-source suse-upgrade-libgrpc-1_60 suse-upgrade-libgrpc1_60 suse-upgrade-libgrpc37 suse-upgrade-libupb37 suse-upgrade-python311-grpcio suse-upgrade-upb-devel
References: https://attackerkb.com/topics/cve-2024-11407; CVE-2024-11407
-
SUSE: CVE-2024-11691: SUSE Linux Security Advisory
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 01/04/2025 | Added: 01/03/2025 | Modified: 01/03/2025
Description: Certain WebGL operations on Apple silicon M series devices could have led to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.
Solution(s): suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other
References: https://attackerkb.com/topics/cve-2024-11691; CVE-2024-11691
-
MFSA2024-67 Thunderbird: Security Vulnerabilities fixed in Thunderbird 133 (CVE-2024-11705)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: `NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows `phKey` to be NULL for certain mechanisms. This vulnerability affects Firefox < 133 and Thunderbird < 133.
Solution(s): mozilla-thunderbird-upgrade-133_0
References: https://attackerkb.com/topics/cve-2024-11705; CVE-2024-11705; http://www.mozilla.org/security/announce/2024/mfsa2024-67.html
-
MFSA2024-68 Thunderbird: Security Vulnerabilities fixed in Thunderbird 128.5 (CVE-2024-11697)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 02/14/2025
Description: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): mozilla-thunderbird-upgrade-128_5
References: https://attackerkb.com/topics/cve-2024-11697; CVE-2024-11697; http://www.mozilla.org/security/announce/2024/mfsa2024-68.html
-
MFSA2024-67 Thunderbird: Security Vulnerabilities fixed in Thunderbird 133 (CVE-2024-11706)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the `SEC_ASN1DecodeItem_Util` function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox < 133 and Thunderbird < 133.
Solution(s): mozilla-thunderbird-upgrade-133_0
References: https://attackerkb.com/topics/cve-2024-11706; CVE-2024-11706; http://www.mozilla.org/security/announce/2024/mfsa2024-67.html
-
SUSE: CVE-2024-11233: SUSE Linux Security Advisory
Severity: 9 | CVSS: AV:N/AC:L/Au:N/C:P/I:N/A:C
Published: 11/24/2024 | Created: 01/04/2025 | Added: 01/03/2025 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, due to an error in the convert.quoted-printable-decode filter, certain data can lead to a buffer overread by one byte, which can in certain circumstances lead to crashes or disclose the content of other memory areas.
Solution(s): suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-ffi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-fpm-apache suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib
References: https://attackerkb.com/topics/cve-2024-11233; CVE-2024-11233
-
MFSA2024-64 Firefox: Security Vulnerabilities fixed in Firefox ESR 128.5 (CVE-2024-11695)
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/26/2024 | Created: 11/28/2024 | Added: 11/27/2024 | Modified: 11/29/2024
Description: A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Solution(s): mozilla-firefox-esr-upgrade-128_5
References: https://attackerkb.com/topics/cve-2024-11695; CVE-2024-11695; http://www.mozilla.org/security/announce/2024/mfsa2024-64.html
-
Debian: CVE-2024-53102: linux -- security update
Severity: 4 | CVSS: AV:L/AC:M/Au:N/C:P/I:P/A:P
Published: 11/25/2024 | Created: 12/03/2024 | Added: 12/02/2024 | Modified: 12/16/2024
Description: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Solution(s): debian-upgrade-linux
References: https://attackerkb.com/topics/cve-2024-53102; CVE-2024-53102
-
Ubuntu: (Multiple Advisories) (CVE-2024-11234): PHP vulnerabilities
Severity: 6 | CVSS: AV:N/AC:L/Au:N/C:P/I:P/A:N
Published: 11/24/2024 | Created: 12/17/2024 | Added: 12/16/2024 | Modified: 01/31/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, when using streams with a configured proxy and the "request_fulluri" option, the URI is not properly sanitized, which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.
Solution(s): ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-0 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-libapache2-mod-php8-3 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-ldap ubuntu-pro-upgrade-php7-0-mysql ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php7-4-mysql ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-enchant ubuntu-pro-upgrade-php8-1-fpm ubuntu-pro-upgrade-php8-1-mysql ubuntu-pro-upgrade-php8-3 ubuntu-pro-upgrade-php8-3-cgi ubuntu-pro-upgrade-php8-3-cli ubuntu-pro-upgrade-php8-3-fpm ubuntu-pro-upgrade-php8-3-mysql
References: https://attackerkb.com/topics/cve-2024-11234; CVE-2024-11234; USN-7157-1; USN-7157-2; USN-7157-3
-
Debian: CVE-2024-11236: php7.4, php8.2 -- security update
Severity: 10 | CVSS: AV:N/AC:L/Au:N/C:C/I:C/A:C
Published: 11/24/2024 | Created: 12/03/2024 | Added: 12/02/2024 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
Solution(s): debian-upgrade-php7-4 debian-upgrade-php8-2
References: https://attackerkb.com/topics/cve-2024-11236; CVE-2024-11236; DSA-5819-1
-
Ubuntu: (Multiple Advisories) (CVE-2024-11233): PHP vulnerabilities
Severity: 9 | CVSS: AV:N/AC:L/Au:N/C:P/I:N/A:C
Published: 11/24/2024 | Created: 12/17/2024 | Added: 12/16/2024 | Modified: 01/31/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, due to an error in the convert.quoted-printable-decode filter, certain data can lead to a buffer overread by one byte, which can in certain circumstances lead to crashes or disclose the content of other memory areas.
Solution(s): ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-0 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-libapache2-mod-php8-3 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-ldap ubuntu-pro-upgrade-php7-0-mysql ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php7-4-mysql ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-enchant ubuntu-pro-upgrade-php8-1-fpm ubuntu-pro-upgrade-php8-1-mysql ubuntu-pro-upgrade-php8-3 ubuntu-pro-upgrade-php8-3-cgi ubuntu-pro-upgrade-php8-3-cli ubuntu-pro-upgrade-php8-3-fpm ubuntu-pro-upgrade-php8-3-mysql
References: https://attackerkb.com/topics/cve-2024-11233; CVE-2024-11233; USN-7157-1; USN-7157-2; USN-7157-3
-
PHP Vulnerability: CVE-2024-11233
Severity: 9 | CVSS: AV:N/AC:L/Au:N/C:P/I:N/A:C
Published: 11/24/2024 | Created: 12/04/2024 | Added: 12/02/2024 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, due to an error in the convert.quoted-printable-decode filter, certain data can lead to a buffer overread by one byte, which can in certain circumstances lead to crashes or disclose the content of other memory areas.
Solution(s): php-upgrade-8_1_31 php-upgrade-8_2_26 php-upgrade-8_3_14
References: https://attackerkb.com/topics/cve-2024-11233; CVE-2024-11233
-
SUSE: CVE-2024-11236: SUSE Linux Security Advisory
Severity: 10 | CVSS: AV:N/AC:L/Au:N/C:C/I:C/A:C
Published: 11/24/2024 | Created: 01/04/2025 | Added: 01/03/2025 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
Solution(s): suse-upgrade-apache2-mod_php8 suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-ffi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-fpm-apache suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib
References: https://attackerkb.com/topics/cve-2024-11236; CVE-2024-11236
-
SUSE: CVE-2024-11234: SUSE Linux Security Advisory
Severity: 6 | CVSS: AV:N/AC:L/Au:N/C:P/I:P/A:N
Published: 11/24/2024 | Created: 01/04/2025 | Added: 01/03/2025 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, when using streams with a configured proxy and the "request_fulluri" option, the URI is not properly sanitized, which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.
Solution(s): suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-ffi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-fpm-apache suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib
References: https://attackerkb.com/topics/cve-2024-11234; CVE-2024-11234
-
PHP Vulnerability: CVE-2024-11236
Severity: 10 | CVSS: AV:N/AC:L/Au:N/C:C/I:C/A:C
Published: 11/24/2024 | Created: 12/04/2024 | Added: 12/02/2024 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
Solution(s): php-upgrade-8_1_31 php-upgrade-8_2_26 php-upgrade-8_3_14
References: https://attackerkb.com/topics/cve-2024-11236; CVE-2024-11236
-
Red Hat: CVE-2024-53899: virtualenv: potential command injection via virtual environment activation scripts (Multiple Advisories)
Severity: 7 | CVSS: AV:L/AC:L/Au:N/C:C/I:C/A:C
Published: 11/24/2024 | Created: 02/11/2025 | Added: 02/10/2025 | Modified: 02/12/2025
Description: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.
Solution(s): redhat-upgrade-python-nose-docs redhat-upgrade-python-pymongo-debuginfo redhat-upgrade-python-pymongo-debugsource redhat-upgrade-python-pymongo-doc redhat-upgrade-python-sqlalchemy-doc redhat-upgrade-python-virtualenv-doc redhat-upgrade-python3-bson redhat-upgrade-python3-bson-debuginfo redhat-upgrade-python3-distro redhat-upgrade-python3-docs redhat-upgrade-python3-docutils redhat-upgrade-python3-nose redhat-upgrade-python3-pygments redhat-upgrade-python3-pymongo redhat-upgrade-python3-pymongo-debuginfo redhat-upgrade-python3-pymongo-gridfs redhat-upgrade-python3-pymysql redhat-upgrade-python3-scipy redhat-upgrade-python3-scipy-debuginfo redhat-upgrade-python3-sqlalchemy redhat-upgrade-python3-virtualenv redhat-upgrade-python3-wheel redhat-upgrade-python3-wheel-wheel redhat-upgrade-python36 redhat-upgrade-python36-debug redhat-upgrade-python36-devel redhat-upgrade-python36-rpm-macros redhat-upgrade-scipy-debugsource
References: CVE-2024-53899; RHSA-2024:10953; RHSA-2024:11093
-
Oracle Linux: CVE-2024-53899: ELSA-2024-10953: python36:3.6 security update (IMPORTANT) (Multiple Advisories)
Severity: 7 | CVSS: AV:L/AC:L/Au:N/C:C/I:C/A:C
Published: 11/24/2024 | Created: 12/17/2024 | Added: 12/13/2024 | Modified: 01/20/2025
Description: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287. A flaw was found in the virtualenv Python package. Due to the handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection.
Solution(s): oracle-linux-upgrade-python36 oracle-linux-upgrade-python36-debug oracle-linux-upgrade-python36-devel oracle-linux-upgrade-python36-rpm-macros oracle-linux-upgrade-python3-bson oracle-linux-upgrade-python3-distro oracle-linux-upgrade-python3-docs oracle-linux-upgrade-python3-docutils oracle-linux-upgrade-python3-nose oracle-linux-upgrade-python3-pygments oracle-linux-upgrade-python3-pymongo oracle-linux-upgrade-python3-pymongo-gridfs oracle-linux-upgrade-python3-pymysql oracle-linux-upgrade-python3-scipy oracle-linux-upgrade-python3-sqlalchemy oracle-linux-upgrade-python3-virtualenv oracle-linux-upgrade-python3-wheel oracle-linux-upgrade-python3-wheel-wheel oracle-linux-upgrade-python-nose-docs oracle-linux-upgrade-python-pymongo-doc oracle-linux-upgrade-python-sqlalchemy-doc oracle-linux-upgrade-python-virtualenv oracle-linux-upgrade-python-virtualenv-doc
References: https://attackerkb.com/topics/cve-2024-53899; CVE-2024-53899; ELSA-2024-10953; ELSA-2024-11048
-
Ubuntu: (Multiple Advisories) (CVE-2024-11236): PHP vulnerability
Severity: 10 | CVSS: AV:N/AC:L/Au:N/C:C/I:C/A:C
Published: 11/24/2024 | Created: 12/14/2024 | Added: 12/13/2024 | Modified: 01/28/2025
Description: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
Solution(s): ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-2 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-0 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-libapache2-mod-php8-3 ubuntu-pro-upgrade-libphp7-0-embed ubuntu-pro-upgrade-libphp7-2-embed ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-common ubuntu-pro-upgrade-php7-0-dev ubuntu-pro-upgrade-php7-0-interbase ubuntu-pro-upgrade-php7-0-mysql ubuntu-pro-upgrade-php7-0-pgsql ubuntu-pro-upgrade-php7-0-sqlite3 ubuntu-pro-upgrade-php7-2 ubuntu-pro-upgrade-php7-2-common ubuntu-pro-upgrade-php7-2-dev ubuntu-pro-upgrade-php7-2-interbase ubuntu-pro-upgrade-php7-2-mysql ubuntu-pro-upgrade-php7-2-pgsql ubuntu-pro-upgrade-php7-2-sqlite3 ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php7-4-mysql ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-enchant ubuntu-pro-upgrade-php8-1-fpm ubuntu-pro-upgrade-php8-1-mysql ubuntu-pro-upgrade-php8-3 ubuntu-pro-upgrade-php8-3-cgi ubuntu-pro-upgrade-php8-3-cli ubuntu-pro-upgrade-php8-3-fpm ubuntu-pro-upgrade-php8-3-mysql
References: https://attackerkb.com/topics/cve-2024-11236; CVE-2024-11236; USN-7153-1; USN-7157-1; USN-7157-2