Msrc Cbl2 Php On Cbl Mariner 2.0 vulnerabilities
10 known vulnerabilities affecting msrc/cbl2_php_on_cbl_mariner_2.0.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM5LOW1
Vulnerabilities
Page 1 of 1
CVE-2022-31629MEDIUMCVSS 6.52022-09-13
CVE-2022-31629 [MEDIUM] CWE-20 $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure version
msrc
CVE-2022-31628LOWCVSS 2.32022-09-13
CVE-2022-31628 [LOW] CWE-674 phar wrapper can occur dos when using quine gzip file
phar wrapper can occur dos when using quine gzip file
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the di
msrc
CVE-2022-31625HIGHCVSS 8.12022-06-14
CVE-2022-31625 [HIGH] CWE-590 Freeing unallocated memory in php_pgsql_free_params()
Freeing unallocated memory in php_pgsql_free_params()
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the d
msrc
CVE-2022-31626HIGHCVSS 7.52022-06-14
CVE-2022-31626 [HIGH] CWE-120 mysqlnd/pdo password buffer overflow
mysqlnd/pdo password buffer overflow
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is co
msrc
CVE-2021-21708HIGHCVSS 8.22022-02-08
CVE-2021-21708 [HIGH] CWE-416 UAF due to php_filter_float() failing
UAF due to php_filter_float() failing
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is
msrc
CVE-2021-21707MEDIUMCVSS 5.32021-11-09
CVE-2021-21707 [MEDIUM] CWE-159 Special characters break path parsing in XML functions
Special characters break path parsing in XML functions
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t
msrc
CVE-2021-21703HIGHCVSS 7.82021-10-12
CVE-2021-21703 [HIGH] CWE-787 PHP-FPM memory access in root process leading to privilege escalation
PHP-FPM memory access in root process leading to privilege escalation
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open s
msrc
CVE-2021-21705MEDIUMCVSS 4.32021-10-12
CVE-2021-21705 [MEDIUM] CWE-20 Incorrect URL validation in FILTER_VALIDATE_URL
Incorrect URL validation in FILTER_VALIDATE_URL
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is co
msrc
CVE-2021-21704MEDIUMCVSS 5.02021-10-12
CVE-2021-21704 [MEDIUM] CWE-125 Multiple vulnerabilities in Firebird client extension
Multiple vulnerabilities in Firebird client extension
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the
msrc
CVE-2021-21702MEDIUMCVSS 5.32021-02-09
CVE-2021-21702 [MEDIUM] CWE-476 Null Dereference in SoapClient
Null Dereference in SoapClient
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to
msrc