CLSA-2026-1777946242

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1777946242
Upstream
Published
2026-05-05T01:57:28Z
Modified
2026-05-27T11:34:48.925681287Z
Summary
php: Fix of 13 CVEs
Details
  • CVE-2018-14883: fix int overflow leading to heap overflow in exifthumbnailextract
  • CVE-2019-6977: fix imagecolormatch out-of-bounds write on heap in GD
  • CVE-2019-9022: fix memcpy with negative length via crafted DNS response
  • CVE-2019-9640: fix invalid read in exifprocessSOFn
  • CVE-2019-11042: fix heap buffer overflow in exifprocessuser_comment
  • CVE-2019-9638, CVE-2019-9639: fix uninitialized read in exifprocessIFDinMAKERNOTE (single upstream commit covers both)
  • CVE-2019-9637: safer rename() procedure to avoid permission leak on EXDEV cross-filesystem fallback
  • CVE-2019-19246: fix Oniguruma out-of-bounds read in strlowercase_match
  • CVE-2019-9024: fix xmlrpc base64 out-of-bounds read via unsigned char cast
  • CVE-2018-20783: fix pharparsepharfile buffer over-read via stricter manifest bounds checks
  • CVE-2018-19518: disable rsh/ssh logins in imapopen by default (new norsh/no_ssh INI entries)
  • CVE-2018-19935: fix imap_mail NULL pointer dereference on empty message parameter
References

Affected packages

TuxCare:OracleLinux:6
php

Package

Name
php
Purl
pkg:rpm/tuxcare/php?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-bcmath

Package

Name
php-bcmath
Purl
pkg:rpm/tuxcare/php-bcmath?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-cli

Package

Name
php-cli
Purl
pkg:rpm/tuxcare/php-cli?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-common

Package

Name
php-common
Purl
pkg:rpm/tuxcare/php-common?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-dba

Package

Name
php-dba
Purl
pkg:rpm/tuxcare/php-dba?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-devel

Package

Name
php-devel
Purl
pkg:rpm/tuxcare/php-devel?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-embedded

Package

Name
php-embedded
Purl
pkg:rpm/tuxcare/php-embedded?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-enchant

Package

Name
php-enchant
Purl
pkg:rpm/tuxcare/php-enchant?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-fpm

Package

Name
php-fpm
Purl
pkg:rpm/tuxcare/php-fpm?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-gd

Package

Name
php-gd
Purl
pkg:rpm/tuxcare/php-gd?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-imap

Package

Name
php-imap
Purl
pkg:rpm/tuxcare/php-imap?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-intl

Package

Name
php-intl
Purl
pkg:rpm/tuxcare/php-intl?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-ldap

Package

Name
php-ldap
Purl
pkg:rpm/tuxcare/php-ldap?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-mbstring

Package

Name
php-mbstring
Purl
pkg:rpm/tuxcare/php-mbstring?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-mysql

Package

Name
php-mysql
Purl
pkg:rpm/tuxcare/php-mysql?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-odbc

Package

Name
php-odbc
Purl
pkg:rpm/tuxcare/php-odbc?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-pdo

Package

Name
php-pdo
Purl
pkg:rpm/tuxcare/php-pdo?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-pgsql

Package

Name
php-pgsql
Purl
pkg:rpm/tuxcare/php-pgsql?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-process

Package

Name
php-process
Purl
pkg:rpm/tuxcare/php-process?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-pspell

Package

Name
php-pspell
Purl
pkg:rpm/tuxcare/php-pspell?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-recode

Package

Name
php-recode
Purl
pkg:rpm/tuxcare/php-recode?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-snmp

Package

Name
php-snmp
Purl
pkg:rpm/tuxcare/php-snmp?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-soap

Package

Name
php-soap
Purl
pkg:rpm/tuxcare/php-soap?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-tidy

Package

Name
php-tidy
Purl
pkg:rpm/tuxcare/php-tidy?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-xml

Package

Name
php-xml
Purl
pkg:rpm/tuxcare/php-xml?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-xmlrpc

Package

Name
php-xmlrpc
Purl
pkg:rpm/tuxcare/php-xmlrpc?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"
php-zts

Package

Name
php-zts
Purl
pkg:rpm/tuxcare/php-zts?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.3-50.el6_10.tuxcare.ol.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777946242.json"