USN-3922-2
- Source
- https://ubuntu.com/security/notices/USN-3922-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3922-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-3922-2
- Upstream
- Related
- Published
- 2019-04-23T12:57:02.547970Z
- Modified
- 2025-10-13T04:34:47Z
- Summary
- php5 vulnerabilities
- Details
-
USN-3922-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 LTS.
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. (CVE-2019-9022)
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-9675)
Original advisory details:
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-9641)
- References
-
- https://ubuntu.com/security/notices/USN-3922-2
- https://ubuntu.com/security/CVE-2019-9022
- https://ubuntu.com/security/CVE-2019-9637
- https://ubuntu.com/security/CVE-2019-9638
- https://ubuntu.com/security/CVE-2019-9639
- https://ubuntu.com/security/CVE-2019-9640
- https://ubuntu.com/security/CVE-2019-9641
- https://ubuntu.com/security/CVE-2019-9675
Affected packages
Ubuntu:14.04:LTS / php5
Package
- Name
- php5
- Purl
- pkg:deb/ubuntu/php5@5.5.9+dfsg-1ubuntu4.29?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.5.9+dfsg-1ubuntu4.29
Affected versions
5.*
5.5.3+dfsg-1ubuntu2
5.5.3+dfsg-1ubuntu3
5.5.6+dfsg-1ubuntu1
5.5.6+dfsg-1ubuntu2
5.5.8+dfsg-2ubuntu1
5.5.9+dfsg-1ubuntu1
5.5.9+dfsg-1ubuntu2
5.5.9+dfsg-1ubuntu3
5.5.9+dfsg-1ubuntu4
5.5.9+dfsg-1ubuntu4.1
5.5.9+dfsg-1ubuntu4.2
5.5.9+dfsg-1ubuntu4.3
5.5.9+dfsg-1ubuntu4.4
5.5.9+dfsg-1ubuntu4.5
5.5.9+dfsg-1ubuntu4.6
5.5.9+dfsg-1ubuntu4.7
5.5.9+dfsg-1ubuntu4.9
5.5.9+dfsg-1ubuntu4.11
5.5.9+dfsg-1ubuntu4.12
5.5.9+dfsg-1ubuntu4.13
5.5.9+dfsg-1ubuntu4.14
5.5.9+dfsg-1ubuntu4.16
5.5.9+dfsg-1ubuntu4.17
5.5.9+dfsg-1ubuntu4.19
5.5.9+dfsg-1ubuntu4.20
5.5.9+dfsg-1ubuntu4.21
5.5.9+dfsg-1ubuntu4.22
5.5.9+dfsg-1ubuntu4.23
5.5.9+dfsg-1ubuntu4.24
5.5.9+dfsg-1ubuntu4.25
5.5.9+dfsg-1ubuntu4.26
5.5.9+dfsg-1ubuntu4.27
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libapache2-mod-php5",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "libapache2-mod-php5filter",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "libphp5-embed",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php-pear",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-cgi",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-cli",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-common",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-curl",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-dev",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-enchant",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-fpm",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-gd",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-gmp",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-intl",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-ldap",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-mysql",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-mysqlnd",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-odbc",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-pgsql",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-pspell",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-readline",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-recode",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-snmp",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-sqlite",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-sybase",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-tidy",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-xmlrpc",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
},
{
"binary_name": "php5-xsl",
"binary_version": "5.5.9+dfsg-1ubuntu4.29"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2019-9022",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-9637",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-9638",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-9639",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-9640",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-9641",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-9675",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}