php.net
|
support
|
documentation
|
report a bug
|
advanced search
|
search howto
|
statistics
|
random bug
|
login
go to bug id or search bugs for
Showing 1-30 of 39860
Show Next 30 Entries »
ID#
Date
Last Modified
Package
Type
Status
PHP Version
OS
Summary
Assigned
81992
(edit)
2023-05-10 11:39 UTC
2023-05-25 22:36 UTC
SPL related
Bug
Closed
8.2.6RC1
Linux
SplFixedArray::setSize() causes use-after-free
81746
(edit)
2023-01-20 22:19 UTC
2023-02-13 04:40 UTC
*Directory/Filesystem functions
Sec Bug
Closed
8.0.27
Linux
1-byte array overrun in common path resolve code
stas
81744
(edit)
2023-01-05 12:52 UTC
2023-02-13 04:40 UTC
*Encryption and hash functions
Sec Bug
Closed
8.2.0
Password_verify() always return true with some hash
stas
81742
(edit)
2022-11-28 23:06 UTC
2022-11-29 10:50 UTC
SQLite related
Bug
Closed
master-Git-2022-11-28 (Git)
all
open_basedir bypass in SQLite3/pdo-sqlite extension by using url encoded file
cmb
81740
(edit)
2022-10-29 13:25 UTC
2022-12-19 06:27 UTC
PDO SQLite
Sec Bug
Closed
7.4Git-2022-10-29 (Git)
*
PDO::quote() may return unquoted string
stas
81739
(edit)
2022-10-12 16:13 UTC
2022-10-24 00:58 UTC
GD related
Sec Bug
Closed
7.4Git-2022-10-12 (Git)
*
OOB read due to insufficient input validation in imageloadfont()
stas
81738
(edit)
2022-10-11 18:24 UTC
2022-10-21 05:55 UTC
hash related
Sec Bug
Closed
8.2.0RC3
all 64-bit
buffer overflow in hash_update() on long parameter
81727
(edit)
2022-08-12 09:44 UTC
2022-09-29 18:57 UTC
HTTP related
Sec Bug
Closed
Irrelevant
Any
$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
derick
81726
(edit)
2022-07-19 14:30 UTC
2022-09-29 18:58 UTC
PHAR related
Sec Bug
Closed
7.4.30
ubuntu-20.04
phar wrapper can occur dos when using quine gzip file
stas
81723
(edit)
2022-06-27 22:59 UTC
2022-07-05 07:05 UTC
Filesystem function related
Sec Bug
Closed
8.1.7
Linux
Heap buffer overflow in finfo_buffer
stas
81720
(edit)
2022-05-16 14:50 UTC
2022-06-06 07:13 UTC
PostgreSQL related
Sec Bug
Closed
8.1.6
Uninitialized array in pg_query_params() leading to RCE
stas
81719
(edit)
2022-05-16 14:33 UTC
2024-07-12 12:22 UTC
PDO MySQL
Sec Bug
Closed
8.1.6
mysqlnd/pdo password buffer overflow leading to RCE
cmb
81714
(edit)
2022-03-28 09:16 UTC
2022-03-29 09:50 UTC
hash related
Bug
Closed
8.1.4
Linux
segfault (use-after-free) serializing finalized HashContext
cmb
81713
(edit)
2022-03-10 11:30 UTC
2022-06-10 08:46 UTC
OpenSSL related
Sec Bug
Closed
PHP 7.4
all
NULL byte injection in several OpenSSL functions working with certificates
bukka
81708
(edit)
2022-01-30 09:00 UTC
2022-02-14 06:07 UTC
Filter related
Sec Bug
Closed
8.0.15
centos 8
UAF due to php_filter_float() failing for ints
stas
81705
(edit)
2022-01-04 08:17 UTC
2023-05-16 21:09 UTC
Scripting Engine problem
Bug
Closed
8.0.14
Linux
type confusion/UAF on set_error_handler with concat operation
nielsdos
81703
(edit)
2021-12-19 18:30 UTC
2021-12-19 22:03 UTC
Streams related
Req
Closed
8.1.1
All
stream_context_create - SSL context options
cmb
81693
(edit)
2021-12-03 14:27 UTC
2021-12-04 10:45 UTC
mbstring related
Bug
Closed
8.1.0
Debian (php:8.1-apache docker)
mb_check_encoding does not return a value but quits php
cmb
81691
(edit)
2021-12-03 08:44 UTC
2024-08-09 16:07 UTC
SPL related
Bug
Closed
8.1.0
openEuler/Ubuntu 20.04.1
use-after-free of spl file handle
nielsdos
81689
(edit)
2021-12-03 01:12 UTC
2022-01-04 01:02 UTC
Scripting Engine problem
Bug
Closed
8.1.0
Alpinelinux
2 fiber tests fails on ppc64le
trowski
81685
(edit)
2021-12-01 14:40 UTC
2022-03-28 19:10 UTC
JSON related
Doc
Closed
7.4.26
Debian & Arch
Using json_decode with an integer as first parameter doesn't return NULL
bukka
81684
(edit)
2021-12-01 11:11 UTC
2021-12-05 17:37 UTC
Scripting Engine problem
Bug
Closed
8.1.0
Windows 10 (64Bit)
Using null coalesce assignment with $GLOBALS["x"] produces opcode error
ilutov
81683
(edit)
2021-12-01 09:50 UTC
2021-12-05 22:51 UTC
Class/Object related
Bug
Closed
8.1.0
Misleading "access type ... must be public" interface method error message
ilutov
81682
(edit)
2021-12-01 08:01 UTC
2024-03-09 16:10 UTC
DOM XML related
Bug
Closed
8.1.0
irrelevant
DocumentType nodes cannot be cloned nor imported
nielsdos
81681
(edit)
2021-12-01 03:21 UTC
2021-12-01 10:52 UTC
Reflection related
Bug
Closed
8.1.0
Windows 10 build 19043.1348
ReflectionEnum throwing exceptions
81679
(edit)
2021-11-30 22:50 UTC
2021-12-15 14:35 UTC
JIT
Bug
Closed
8.0.13
Windows Server 2019
Tracing JIT crashes on reattaching
81669
(edit)
2021-11-28 13:46 UTC
2021-11-29 10:06 UTC
*Directory/Filesystem functions
Bug
Closed
8.0.13
Alpine Linux
DirectoryIterator ignore files
81665
(edit)
2021-11-27 08:16 UTC
2021-11-27 08:19 UTC
mbstring related
Bug
Closed
8.1.0
mb_detect_encoding() should return false
81664
(edit)
2021-11-27 07:37 UTC
2022-07-11 13:36 UTC
JIT
Bug
Closed
8.1.0
ubuntu 18.04
php8.1 core dump
81659
(edit)
2021-11-26 04:17 UTC
2021-11-26 12:46 UTC
Streams related
Bug
Closed
7.4
Debian Buster
stream_get_contents() may unnecessarily overallocate
cmb
Showing 1-30 of 39860
Show Next 30 Entries »
Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Wed Feb 19 00:01:30 2025 UTC