pkg:Bitnami/php

74 total CVEsCRITICAL17HIGH27MEDIUM27LOW3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2024-4577⚠ KEVArgument Injection in PHP-CGI
    from 0, < 8.1.29, >= 8.2.0, < 8.2.20, >= 8.3.0, < 8.3.8
  • CRITICAL9.8CVE-2026-7261SoapServer session-persisted object use-after-free via SOAP header fault
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • CRITICAL9.8CVE-2026-6722Use-After-Free in SOAP using Apache map
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • CRITICAL9.8CVE-2025-14179SQL injection in pdo_firebird via NUL bytes in quoted strings
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • CRITICAL9.8CVE-2022-31627Heap buffer overflow in finfo_buffer
    >= 8.1.0, < 8.1.8
  • CRITICAL9.8CVE-2025-1861Stream HTTP wrapper truncates redirect location to 1024 bytes
    from 0, < 8.1.32, >= 8.2.0, < 8.2.28, >= 8.3.0, < 8.3.19, >= 8.4.0, < 8.4.5
  • CRITICAL9.8CVE-2024-11236Integer overflow in the firebird and dblib quoters causing OOB writes
    from 0, < 8.1.31, >= 8.2.0, < 8.2.26, >= 8.3.0, < 8.3.14
  • CRITICAL9.8CVE-2024-8932OOB access in ldap_escape
    from 0, < 8.1.31, >= 8.2.0, < 8.2.26, >= 8.3.0, < 8.3.14
  • CRITICAL9.8CVE-2023-3824Buffer overflow and overread in phar_dir_read()
    >= 8.0.0, < 8.0.30, >= 8.1.0, < 8.1.22, >= 8.2.0, < 8.2.9
  • CRITICAL9.8CVE-2022-37454Buffer overflow in sponge queue functions
    >= 7.2.0, < 7.4.33, >= 8.0.0, < 8.0.25, >= 8.1.0, < 8.1.12
  • CRITICAL9.8CVE-2021-21708UAF due to php_filter_float() failing
    >= 7.4.0, < 7.4.28, >= 8.0.0, < 8.0.16, >= 8.1.0, < 8.1.3
  • CRITICAL9.4CVE-2024-1874Command injection via array-ish $command parameter of proc_open()
    from 0, < 8.1.28, >= 8.2.0, < 8.2.18, >= 8.3.0, < 8.3.5
  • CRITICAL9.1CVE-2026-6104Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding
    >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • CRITICAL9.1CVE-2020-7061heap-buffer-overflow in phar_extract_file
    >= 7.2.0, < 7.2.28, >= 7.3.0, < 7.3.15, >= 7.4.0, < 7.4.3
  • CRITICAL9.1CVE-2022-31631PDO::quote() may return unquoted string
    >= 8.0.0, < 8.0.27, >= 8.1.0, < 8.1.15, >= 8.2.0, < 8.2.2
  • CRITICAL9.1CVE-2020-7060global buffer-overflow in mbfl_filt_conv_big5_wchar
    >= 7.2.0, < 7.2.27, >= 7.3.0, < 7.3.14, >= 7.4.0, < 7.4.2
  • CRITICAL9.1CVE-2020-7059OOB read in php_strip_tags_ex
    >= 7.2.0, < 7.2.27, >= 7.3.0, < 7.3.14, >= 7.4.0, < 7.4.2
  • HIGH8.8CVE-2024-5585Command injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)
    from 0, < 8.1.29, >= 8.2.0, < 8.2.20, >= 8.3.0, < 8.3.8
  • HIGH8.8CVE-2024-8926PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
    from 0, < 8.1.30, >= 8.2.0, < 8.2.24, >= 8.3.0, < 8.3.12
  • HIGH8.8CVE-2022-31626mysqlnd/pdo password buffer overflow
    >= 7.4.0, < 7.4.30, >= 8.0.0, < 8.0.20, >= 8.1.0, < 8.1.7
  • HIGH8.8CVE-2020-7065mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
    >= 7.3.0, < 7.3.16, >= 7.4.0, < 7.4.4
  • HIGH8.2CVE-2025-14178Heap buffer overflow in array_merge()
    from 0, < 8.1.34, >= 8.2.0, < 8.2.30, >= 8.3.0, < 8.3.29, >= 8.4.0, < 8.4.16, >= 8.5.0, < 8.5.1
  • HIGH8.2CVE-2024-11233Single byte overread with convert.quoted-printable-decode filter
    from 0, < 8.1.31, >= 8.2.0, < 8.2.26, >= 8.3.0, < 8.3.14
  • HIGH8.1CVE-2024-11235Reference counting in php_request_shutdown causes Use-After-Free
    >= 8.3.0, < 8.3.19, >= 8.4.0, < 8.4.5
  • HIGH8.1CVE-2023-0568Array overrun in common path resolve code
    >= 8.0.0, < 8.0.28, >= 8.1.0, < 8.1.16, >= 8.2.0, < 8.2.3
  • HIGH8.1CVE-2022-31625Freeing unallocated memory in php_pgsql_free_params()
    >= 7.4.0, < 7.4.30, >= 8.0.0, < 8.0.20, >= 8.1.0, < 8.1.7
  • HIGH7.5CVE-2026-7263DoS attack via DOMNode::C14N()
    >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • HIGH7.5CVE-2026-7568Signed integer overflow in metaphone()
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • HIGH7.5CVE-2026-7262NULL pointer dereference in SOAP apache:Map decoder with missing <value>
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • HIGH7.5CVE-2026-7258Out-of-bounds read in urldecode() on NetBSD
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • HIGH7.5CVE-2025-14180NULL Pointer Dereference in PDO quoting
    from 0, < 8.1.34, >= 8.2.0, < 8.2.30, >= 8.3.0, < 8.3.29, >= 8.4.0, < 8.4.16, >= 8.5.0, < 8.5.1
  • HIGH7.5CVE-2025-14177Information Leak of Memory in getimagesize
    from 0, < 8.1.34, >= 8.2.0, < 8.2.30, >= 8.3.0, < 8.3.29, >= 8.4.0, < 8.4.16, >= 8.5.0, < 8.5.1
  • HIGH7.5CVE-2024-2757PHP mb_encode_mimeheader runs endlessly for some inputs
    >= 8.3.0, < 8.3.5
  • HIGH7.5CVE-2025-1735pgsql extension does not check for errors during escaping
    from 0, < 8.1.33, >= 8.2.0, < 8.2.29, >= 8.3.0, < 8.3.23, >= 8.4.0, < 8.4.10
  • HIGH7.5CVE-2024-8927cgi.force_redirect configuration is bypassable due to the environment variable collision
    from 0, < 8.1.30, >= 8.2.0, < 8.2.24, >= 8.3.0, < 8.3.12
  • HIGH7.5CVE-2023-3823Security issue with external entity loading in XML without enabling it
    >= 8.0.0, < 8.0.30, >= 8.1.0, < 8.1.22, >= 8.2.0, < 8.2.9
  • HIGH7.5CVE-2023-0662DoS vulnerability when parsing multipart request body
    >= 8.0.0, < 8.0.28, >= 8.1.0, < 8.1.16, >= 8.2.0, < 8.2.3
  • HIGH7.5CVE-2021-21702Null Dereference in SoapClient
    >= 7.3.0, < 7.3.27, >= 7.4.0, < 7.4.15, >= 8.0.0, < 8.0.2
  • HIGH7.5CVE-2020-7067OOB Read in urldecode()
    >= 7.2.0, < 7.2.30, >= 7.3.0, < 7.3.17, >= 7.4.0, < 7.4.5
  • HIGH7.5CVE-2020-7062Null Pointer Dereference in PHP Session Upload Progress
    >= 7.2.0, < 7.2.28, >= 7.3.0, < 7.3.15, >= 7.4.0, < 7.4.3
  • HIGH7.3CVE-2025-1736Stream HTTP wrapper header check might omit basic auth header
    from 0, < 8.1.32, >= 8.2.0, < 8.2.28, >= 8.3.0, < 8.3.19, >= 8.4.0, < 8.4.5
  • HIGH7.2CVE-2024-11234Configuring a proxy in a stream context might allow for CRLF injection in URIs
    from 0, < 8.1.31, >= 8.2.0, < 8.2.26, >= 8.3.0, < 8.3.14
  • HIGH7.1CVE-2022-31630OOB read due to insufficient input validation in imageloadfont()
    >= 7.4.0, < 7.4.33, >= 8.0.0, < 8.0.25, >= 8.1.0, < 8.1.12
  • HIGH7.0CVE-2021-21703PHP-FPM memory access in root process leading to privilege escalation
    >= 7.3.0, < 7.3.32, >= 7.4.0, < 7.4.25, >= 8.0.0, < 8.0.12
  • MEDIUM6.5CVE-2026-7259Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • MEDIUM6.5CVE-2021-21706ZipArchive::extractTo may extract outside of destination dir
    >= 7.3.0, < 7.3.31, >= 7.4.0, < 7.4.24, >= 8.0.0, < 8.0.11
  • MEDIUM6.5CVE-2024-3096PHP function password_verify can erroneously return true when argument contains NUL
    from 0, < 8.1.28, >= 8.2.0, < 8.2.18, >= 8.3.0, < 8.3.5
  • MEDIUM6.5CVE-2024-2756__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
    from 0, < 8.1.28, >= 8.2.0, < 8.2.18, >= 8.3.0, < 8.3.5
  • MEDIUM6.5CVE-2022-31629$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
    from 0, < 7.4.31, >= 8.0.0, < 8.0.24, >= 8.1.0, < 8.1.11
  • MEDIUM6.5CVE-2020-7069Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
    >= 7.2.0, < 7.2.34, >= 7.3.0, < 7.3.23, >= 7.4.0, < 7.4.11
  • MEDIUM6.2CVE-2023-0567password_verify() always returns true for some invalid hashes
    >= 8.0.0, < 8.0.28, >= 8.1.0, < 8.1.16, >= 8.2.0, < 8.2.3
  • MEDIUM6.1CVE-2026-6735XSS within PHP-FPM status endpoint
    >= 8.2.0, < 8.2.31, >= 8.3.0, < 8.3.31, >= 8.4.0, < 8.4.21, >= 8.5.0, < 8.5.6
  • MEDIUM5.9CVE-2025-6491NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
    from 0, < 8.1.33, >= 8.2.0, < 8.2.29, >= 8.3.0, < 8.3.23, >= 8.4.0, < 8.4.10
  • MEDIUM5.9CVE-2024-2408PHP is vulnerable to the Marvin Attack
    from 0, < 8.1.29, >= 8.2.0, < 8.2.20, >= 8.3.0, < 8.3.8
  • MEDIUM5.9CVE-2021-21704Multiple vulnerabilities in Firebird client extension
    >= 7.3.0, < 7.3.29, >= 7.4.0, < 7.4.21, >= 8.0.0, < 8.0.8
  • MEDIUM5.8CVE-2024-8929Leak partial content of the heap through heap buffer over-read in mysqlnd
    from 0, < 8.1.31, >= 8.2.0, < 8.2.24, >= 8.3.0, < 8.3.14
  • MEDIUM5.5CVE-2022-4900Potential buffer overflow in php_cli_server_startup_workers
    >= 7.4.0, < 8.0.22
  • MEDIUM5.5CVE-2022-31628phar wrapper can occur dos when using quine gzip file
    from 0, < 7.4.31, >= 8.0.0, < 8.0.24, >= 8.1.0, < 8.1.11
  • MEDIUM5.4CVE-2020-7064Use-of-uninitialized-value in exif
    >= 7.2.0, < 7.2.29, >= 7.3.0, < 7.3.16, >= 7.4.0, < 7.4.4
  • MEDIUM5.3CVE-2025-1220Null byte termination in hostnames
    from 0, < 8.1.33, >= 8.2.0, < 8.2.29, >= 8.3.0, < 8.3.23, >= 8.4.0, < 8.4.10
  • MEDIUM5.3CVE-2025-1734Streams HTTP wrapper does not fail for headers with invalid name and no colon
    from 0, < 8.1.32, >= 8.2.0, < 8.2.28, >= 8.3.0, < 8.3.19, >= 8.4.0, < 8.4.5
  • MEDIUM5.3CVE-2025-1219libxml streams use wrong content-type header when requesting a redirected resource
    from 0, < 8.1.32, >= 8.2.0, < 8.2.28, >= 8.3.0, < 8.3.19, >= 8.4.0, < 8.4.5
  • MEDIUM5.3CVE-2024-8925Erroneous parsing of multipart form data
    from 0, < 8.1.30, >= 8.2.0, < 8.2.24, >= 8.3.0, < 8.3.12
  • MEDIUM5.3CVE-2024-5458Filter bypass in filter_var (FILTER_VALIDATE_URL)
    from 0, < 8.1.29, >= 8.2.0, < 8.2.20, >= 8.3.0, < 8.3.8
  • MEDIUM5.3CVE-2021-21707Special characters break path parsing in XML functions
    >= 7.3.0, < 7.3.33, >= 7.4.0, < 7.4.26, >= 8.0.0, < 8.0.13
  • MEDIUM5.3CVE-2021-21705Incorrect URL validation in FILTER_VALIDATE_URL
    >= 7.3.0, < 7.3.29, >= 7.4.0, < 7.4.21, >= 8.0.0, < 8.0.8
  • MEDIUM5.3CVE-2020-7071FILTER_VALIDATE_URL accepts URLs with invalid userinfo
    >= 7.3.0, < 7.3.26, >= 7.4.0, < 7.4.14, >= 8.0.0, < 8.0.1
  • MEDIUM5.3CVE-2020-7070PHP parses encoded cookie names so malicious `__Host-` cookies can be sent
    >= 7.2.0, < 7.2.34, >= 7.3.0, < 7.3.23, >= 7.4.0, < 7.4.11
  • MEDIUM5.3CVE-2020-7063Files added to tar with Phar::buildFromIterator have all-access permissions
    >= 7.2.0, < 7.2.28, >= 7.3.0, < 7.3.15, >= 7.4.0, < 7.4.3
  • MEDIUM4.3CVE-2023-3247Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
    >= 8.0.0, < 8.0.29, >= 8.1.0, < 8.1.20, >= 8.2.0, < 8.2.7
  • MEDIUM4.3CVE-2020-7066get_headers() silently truncates after a null byte
    >= 7.2.0, < 7.2.29, >= 7.3.0, < 7.3.16, >= 7.4.0, < 7.4.4
  • LOW3.6CVE-2020-7068Use of freed hash key in the phar_parse_zipfile function
    >= 7.2.0, < 7.2.33, >= 7.3.0, < 7.3.21, >= 7.4.0, < 7.4.9
  • LOW3.3CVE-2024-9026PHP-FPM logs from children may be altered
    from 0, < 8.1.30, >= 8.2.0, < 8.2.24, >= 8.3.0, < 8.3.12
  • LOW3.1CVE-2025-1217Header parser of http stream wrapper does not handle folded headers
    from 0, < 8.1.32, >= 8.2.0, < 8.2.28, >= 8.3.0, < 8.3.19, >= 8.4.0, < 8.4.5