php.net
|
support
|
documentation
|
report a bug
|
advanced search
|
search howto
|
statistics
|
random bug
|
login
go to bug id or search bugs for
Showing 1-90 of 81072
Show Next 90 Entries »
ID#
Date
Last Modified
Package
Type
Status
PHP Version
OS
Summary
Assigned
82016
(edit)
2023-07-27 08:26 UTC
2023-07-27 11:14 UTC
Date/time related
Bug
Not a bug
8.2.8
usage of +- in strtotime results in unexpected output with PHP8.2
81992
(edit)
2023-05-10 11:39 UTC
2023-05-25 22:36 UTC
SPL related
Bug
Closed
8.2.6RC1
Linux
SplFixedArray::setSize() causes use-after-free
81989
(edit)
2023-03-23 00:30 UTC
2024-10-05 09:00 UTC
*Directory/Filesystem functions
Req
Re-Opened
8.0.28
any
Glob() miss a scope limit parameter, to limit the max returned paths
81987
(edit)
2023-03-10 16:08 UTC
2023-03-12 01:38 UTC
HTTP related
Bug
Open
Irrelevant
Linux
Incomplete Multipart/form-data but is passed to PHP
81746
(edit)
2023-01-20 22:19 UTC
2023-02-13 04:40 UTC
*Directory/Filesystem functions
Sec Bug
Closed
8.0.27
Linux
1-byte array overrun in common path resolve code
stas
81745
(edit)
2023-01-16 14:31 UTC
2023-01-19 12:49 UTC
*URL Functions
Bug
Duplicate
8.2.1
UNIX/Windows
parse_url return wrong host if
cmb
81744
(edit)
2023-01-05 12:52 UTC
2023-02-13 04:40 UTC
*Encryption and hash functions
Sec Bug
Closed
8.2.0
Password_verify() always return true with some hash
stas
81743
(edit)
2022-12-12 15:41 UTC
2022-12-12 18:26 UTC
PDO Core
Bug
Not a bug
8.1.13
*
XSS via PDOException error
cmb
81742
(edit)
2022-11-28 23:06 UTC
2022-11-29 10:50 UTC
SQLite related
Bug
Closed
master-Git-2022-11-28 (Git)
all
open_basedir bypass in SQLite3/pdo-sqlite extension by using url encoded file
cmb
81741
(edit)
2022-11-12 06:20 UTC
2022-11-20 04:22 UTC
PHP options/info functions
Bug
No Feedback
7.4.33
centos 7
memory_limit not working
81740
(edit)
2022-10-29 13:25 UTC
2022-12-19 06:27 UTC
PDO SQLite
Sec Bug
Closed
7.4Git-2022-10-29 (Git)
*
PDO::quote() may return unquoted string
stas
81739
(edit)
2022-10-12 16:13 UTC
2022-10-24 00:58 UTC
GD related
Sec Bug
Closed
7.4Git-2022-10-12 (Git)
*
OOB read due to insufficient input validation in imageloadfont()
stas
81738
(edit)
2022-10-11 18:24 UTC
2022-10-21 05:55 UTC
hash related
Sec Bug
Closed
8.2.0RC3
all 64-bit
buffer overflow in hash_update() on long parameter
81736
(edit)
2022-09-30 08:56 UTC
2022-10-05 15:08 UTC
Unknown/Other Function
Bug
Duplicate
7.4Git-2022-09-30 (Git)
linux
The substr function has conditional competition
cmb
81735
(edit)
2022-09-30 08:56 UTC
2022-10-05 15:08 UTC
Unknown/Other Function
Bug
Duplicate
7.4Git-2022-09-30 (Git)
linux
The substr function has conditional competition
cmb
81734
(edit)
2022-09-30 08:55 UTC
2022-10-05 15:09 UTC
Unknown/Other Function
Bug
Not a bug
7.4Git-2022-09-30 (Git)
linux
The substr function has conditional competition
cmb
81732
(edit)
2022-09-27 06:37 UTC
2022-09-30 02:47 UTC
Unknown/Other Function
Bug
Duplicate
7.4.30
Windows/Linux
unserialize __wakeup bypass
cmb
81727
(edit)
2022-08-12 09:44 UTC
2022-09-29 18:57 UTC
HTTP related
Sec Bug
Closed
Irrelevant
Any
$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
derick
81726
(edit)
2022-07-19 14:30 UTC
2022-09-29 18:58 UTC
PHAR related
Sec Bug
Closed
7.4.30
ubuntu-20.04
phar wrapper can occur dos when using quine gzip file
stas
81724
(edit)
2022-07-05 15:25 UTC
2023-02-07 23:33 UTC
OpenSSL related
Req
Assigned
8.1.7
Any
openssl_cms/pkcs7_encrypt only allows specific ciphers
bukka
81723
(edit)
2022-06-27 22:59 UTC
2022-07-05 07:05 UTC
Filesystem function related
Sec Bug
Closed
8.1.7
Linux
Heap buffer overflow in finfo_buffer
stas
81722
(edit)
2022-06-14 19:17 UTC
2022-06-20 12:47 UTC
Unknown/Other Function
Sec Bug
Not a bug
7.4.30
Ubuntu
Session Fixation in PHP Core PHPSESSID
81720
(edit)
2022-05-16 14:50 UTC
2022-06-06 07:13 UTC
PostgreSQL related
Sec Bug
Closed
8.1.6
Uninitialized array in pg_query_params() leading to RCE
stas
81719
(edit)
2022-05-16 14:33 UTC
2024-07-12 12:22 UTC
PDO MySQL
Sec Bug
Closed
8.1.6
mysqlnd/pdo password buffer overflow leading to RCE
cmb
81717
(edit)
2022-05-13 09:14 UTC
2022-05-13 11:15 UTC
Scripting Engine problem
Sec Bug
Duplicate
7.4.29
Any
PHP "Magic" methods DOS
cmb
81715
(edit)
2022-04-06 19:14 UTC
2022-04-07 09:46 UTC
*Directory/Filesystem functions
Sec Bug
Not a bug
8.1.4
Linux/Windows
Apache + PHP <= 8.1.4 open_basedir bypass
cmb
81714
(edit)
2022-03-28 09:16 UTC
2022-03-29 09:50 UTC
hash related
Bug
Closed
8.1.4
Linux
segfault (use-after-free) serializing finalized HashContext
cmb
81713
(edit)
2022-03-10 11:30 UTC
2022-06-10 08:46 UTC
OpenSSL related
Sec Bug
Closed
PHP 7.4
all
NULL byte injection in several OpenSSL functions working with certificates
bukka
81712
(edit)
2022-02-26 11:51 UTC
2022-02-28 10:47 UTC
*General Issues
Bug
Not a bug
8.1.3
Windows
Something wrong
cmb
81711
(edit)
2022-02-23 11:09 UTC
2022-02-24 09:25 UTC
Class/Object related
Bug
Suspended
8.1.3
Linux, web
Private properties data leak by casting object to array
81709
(edit)
2022-02-05 22:23 UTC
2022-02-06 16:48 UTC
Compile Failure
Bug
Not a bug
7.4.27
freebsd 12.0
just trying to get memcache loading with php/wordpress
81708
(edit)
2022-01-30 09:00 UTC
2022-02-14 06:07 UTC
Filter related
Sec Bug
Closed
8.0.15
centos 8
UAF due to php_filter_float() failing for ints
stas
81707
(edit)
2022-01-19 06:36 UTC
2022-02-15 14:25 UTC
MySQLi related
Bug
Wont fix
Irrelevant
WSL
Heap address leak when PHP is configured with libmysql + mariadb
dharman
81706
(edit)
2022-01-19 01:00 UTC
2022-02-08 06:09 UTC
MySQLi related
Bug
Duplicate
Irrelevant
Ubuntu
NULL pointer dereference in mysqlnd package
81705
(edit)
2022-01-04 08:17 UTC
2023-05-16 21:09 UTC
Scripting Engine problem
Bug
Closed
8.0.14
Linux
type confusion/UAF on set_error_handler with concat operation
nielsdos
81704
(edit)
2021-12-22 09:01 UTC
2021-12-22 21:58 UTC
opcache
Req
Assigned
Irrelevant
Debian 11
opcache.restrict_api not working with PHP-FPM
bukka
81703
(edit)
2021-12-19 18:30 UTC
2021-12-19 22:03 UTC
Streams related
Req
Closed
8.1.1
All
stream_context_create - SSL context options
cmb
81701
(edit)
2021-12-17 12:56 UTC
2021-12-17 18:31 UTC
Reproducible crash
Bug
Duplicate
Next Major Version
Ubuntu 20.04.3 LTS
Memory Corruption vulnerability on Zend_execute_api
cmb
81700
(edit)
2021-12-17 12:53 UTC
2021-12-17 18:41 UTC
Reproducible crash
Bug
Duplicate
master-Git-2021-12-17 (Git)
Ubuntu 20.04.3 LTS
Memory Corruption vulnerability on zen_vm_execute
cmb
81699
(edit)
2021-12-06 19:17 UTC
2021-12-06 21:49 UTC
PHP options/info functions
Bug
Not a bug
8.1.0
windows
ini_set('extension_dir', .. ) not work
cmb
81698
(edit)
2021-12-04 17:55 UTC
2021-12-06 11:06 UTC
Reflection related
Bug
Not a bug
7.4.3
Ubuntu 20.04
getType()->getName() crashes on dynamic properties
cmb
81697
(edit)
2021-12-03 17:30 UTC
2021-12-03 18:35 UTC
Math related
Bug
Not a bug
8.0.13
linux, mac
Since 8.0, php is not multiplying float values correctly
cmb
81696
(edit)
2021-12-03 16:41 UTC
2025-01-14 18:12 UTC
MySQLi related
Bug
No Feedback
8.1.1
Slackware 15 arm
crash on mysqly::query -- mysqli_query
81695
(edit)
2021-12-03 16:00 UTC
2021-12-03 16:29 UTC
*Unicode Issues
Bug
Not a bug
7.3.33
linux, macos
substring issue
cmb
81694
(edit)
2021-12-03 15:12 UTC
2021-12-03 17:36 UTC
DOM XML related
Bug
Not a bug
7.4.26
Amazon Linux 2 (RHEL-like)
DOMDocument is not available on 7.4 with configure --disable-all --with-libxml
81693
(edit)
2021-12-03 14:27 UTC
2021-12-04 10:45 UTC
mbstring related
Bug
Closed
8.1.0
Debian (php:8.1-apache docker)
mb_check_encoding does not return a value but quits php
cmb
81692
(edit)
2021-12-03 11:30 UTC
2022-03-16 09:54 UTC
Arrays related
Doc
Duplicate
7.4.26
ubuntu 20.04
array_unique bug with mixed scalar values
cmb
81691
(edit)
2021-12-03 08:44 UTC
2024-08-09 16:07 UTC
SPL related
Bug
Closed
8.1.0
openEuler/Ubuntu 20.04.1
use-after-free of spl file handle
nielsdos
81690
(edit)
2021-12-03 05:28 UTC
2021-12-26 13:57 UTC
HTTP related
Bug
Open
8.1.0
A request smuggling in file_get_contents
81689
(edit)
2021-12-03 01:12 UTC
2022-01-04 01:02 UTC
Scripting Engine problem
Bug
Closed
8.1.0
Alpinelinux
2 fiber tests fails on ppc64le
trowski
81688
(edit)
2021-12-02 18:30 UTC
2022-11-23 10:10 UTC
PDO ODBC
Bug
Assigned
8.0.13
IBM i 7.2
PDO_ODBC doesn't handle fixed-length character columns with character conversio
cmb
81687
(edit)
2021-12-02 10:37 UTC
2021-12-02 11:01 UTC
*General Issues
Bug
Not a bug
7.4.3
Ubuntu 20.04
Casting to int from array from boolean
81686
(edit)
2021-12-01 16:56 UTC
2021-12-01 22:14 UTC
Scripting Engine problem
Bug
Not a bug
8.1.0
MacOs
Method static variables stored across different instances
cmb
81685
(edit)
2021-12-01 14:40 UTC
2022-03-28 19:10 UTC
JSON related
Doc
Closed
7.4.26
Debian & Arch
Using json_decode with an integer as first parameter doesn't return NULL
bukka
81684
(edit)
2021-12-01 11:11 UTC
2021-12-05 17:37 UTC
Scripting Engine problem
Bug
Closed
8.1.0
Windows 10 (64Bit)
Using null coalesce assignment with $GLOBALS["x"] produces opcode error
ilutov
81683
(edit)
2021-12-01 09:50 UTC
2021-12-05 22:51 UTC
Class/Object related
Bug
Closed
8.1.0
Misleading "access type ... must be public" interface method error message
ilutov
81682
(edit)
2021-12-01 08:01 UTC
2024-03-09 16:10 UTC
DOM XML related
Bug
Closed
8.1.0
irrelevant
DocumentType nodes cannot be cloned nor imported
nielsdos
81681
(edit)
2021-12-01 03:21 UTC
2021-12-01 10:52 UTC
Reflection related
Bug
Closed
8.1.0
Windows 10 build 19043.1348
ReflectionEnum throwing exceptions
81680
(edit)
2021-12-01 02:44 UTC
2021-12-01 10:22 UTC
PHP options/info functions
Bug
Verified
8.1.0
*
CR-LF injection via "From" field from ini setting
81679
(edit)
2021-11-30 22:50 UTC
2021-12-15 14:35 UTC
JIT
Bug
Closed
8.0.13
Windows Server 2019
Tracing JIT crashes on reattaching
81678
(edit)
2021-11-30 20:39 UTC
2024-07-28 04:22 UTC
opcache
Bug
No Feedback
8.1.0
macOS 11.4 (intel)
Class definition file will sometimes not load with opcache.enable_cli=1
cmb
81677
(edit)
2021-11-30 17:31 UTC
2021-12-01 10:50 UTC
Filesystem function related
Doc
Verified
7.4.26
Linux
realpath result is cached
81676
(edit)
2021-11-30 12:10 UTC
2021-12-05 17:35 UTC
mbstring related
Bug
Duplicate
8.1.0
MacOs
Converting string to UTF using \mb_convert_encoding returns empty string
alexdowad
81675
(edit)
2021-11-30 10:56 UTC
2021-11-30 14:24 UTC
Scripting Engine problem
Doc
Verified
8.1.0
Undocumented change in get_class_vars behaviour with static properties in 8.1
81674
(edit)
2021-11-30 08:03 UTC
2024-07-28 04:22 UTC
*General Issues
Bug
No Feedback
8.1.0
Red Hat 8.5
Segmentation fault when running composer
cmb
81673
(edit)
2021-11-29 22:02 UTC
2024-07-28 04:22 UTC
JIT
Bug
No Feedback
8.0.13
Alpine linux
Tracing JIT causing various errors (trait related?)
cmb
81672
(edit)
2021-11-29 11:01 UTC
2021-11-30 01:56 UTC
PDO MySQL
Req
Duplicate
8.0.13
RedHat
Missing support ed25519 authenticate method
cmb
81671
(edit)
2021-11-29 05:26 UTC
2023-01-02 11:25 UTC
Website problem
Req
Open
Irrelevant
Windows 10
Request to redirect documentation link to english
81670
(edit)
2021-11-28 18:55 UTC
2021-11-29 20:53 UTC
FPM related
Req
Assigned
8.1.0
Debian 11
Access log contains wrong values for "%r" (request URI) format string
bukka
81669
(edit)
2021-11-28 13:46 UTC
2021-11-29 10:06 UTC
*Directory/Filesystem functions
Bug
Closed
8.0.13
Alpine Linux
DirectoryIterator ignore files
81668
(edit)
2021-11-28 13:07 UTC
2021-11-29 11:22 UTC
MySQLi related
Req
Open
8.1.0
Windows 11
Implement ED25519 auth for mysqlnd
81667
(edit)
2021-11-27 12:29 UTC
2021-12-01 18:30 UTC
*General Issues
Bug
Not a bug
7.4.26
Error on serialization with MongoDB class
81666
(edit)
2021-11-27 12:07 UTC
2021-11-28 18:13 UTC
Compile Failure
Bug
Open
8.1.0
macOS Monterey (12)
Random error 1 ext/opcache/jit/zend_jit.lo when building on Mac ARM64
81665
(edit)
2021-11-27 08:16 UTC
2021-11-27 08:19 UTC
mbstring related
Bug
Closed
8.1.0
mb_detect_encoding() should return false
81664
(edit)
2021-11-27 07:37 UTC
2022-07-11 13:36 UTC
JIT
Bug
Closed
8.1.0
ubuntu 18.04
php8.1 core dump
81663
(edit)
2021-11-26 23:34 UTC
2021-11-29 12:18 UTC
Program Execution
Bug
Not a bug
8.0.13
win 10
PHP calls shell_exec. The process it starts ends but php does not continue from
cmb
81662
(edit)
2021-11-26 15:16 UTC
2021-11-26 20:04 UTC
Reflection related
Bug
Not a bug
8.1.0
linux
Private functions are invokable without need to use "setAccessible".
81661
(edit)
2021-11-26 12:53 UTC
2021-12-28 10:09 UTC
cURL related
Doc
Re-Opened
8.0.13
Centos 7
curl uses pkg-config as of PHP 7.4.0
81660
(edit)
2021-11-26 06:49 UTC
2021-12-14 12:47 UTC
Date/time related
Bug
Duplicate
8.1.0
macOS
DateTimeZone::getTransitions() returns invalid data
derick
81659
(edit)
2021-11-26 04:17 UTC
2021-11-26 12:46 UTC
Streams related
Bug
Closed
7.4
Debian Buster
stream_get_contents() may unnecessarily overallocate
cmb
81658
(edit)
2021-11-25 13:27 UTC
2021-11-26 11:53 UTC
Compile Failure
Bug
Closed
8.1.0
Debian 10 (OS irrelevant)
mysql_option MYSQL_OPT_LOAD_DATA_LOCAL_DIR not available in mariadb libraries
81657
(edit)
2021-11-25 11:56 UTC
2021-11-25 12:01 UTC
*Graphics related
Bug
Not a bug
7.4.26
Debian 11
Imagick::getColorSpace() always returns 0
cmb
81656
(edit)
2021-11-25 06:26 UTC
2021-11-25 06:38 UTC
*Compile Issues
Bug
Closed
Irrelevant
GCC-11 silently ignores -R
81655
(edit)
2021-11-24 14:30 UTC
2021-12-02 08:03 UTC
*Compile Issues
Sec Bug
Not a bug
8.0.13
All
TrojanSource vulnerability
81654
(edit)
2021-11-24 11:55 UTC
2021-11-24 13:58 UTC
FFI
Bug
Not a bug
Irrelevant
Ubuntu
Arbitrary Address R/W due to Out-of-bound
81653
(edit)
2021-11-24 10:50 UTC
2024-07-14 05:52 UTC
*General Issues
Bug
Closed
8.1.0RC6
Linux
Typo in install-pear-nozlib.phar
petk
81652
(edit)
2021-11-23 11:45 UTC
2021-11-24 14:03 UTC
opcache
Bug
Closed
8.0.13
Ubuntu 20.04.3 LTS
The value of error_reporting() gets overridden
81651
(edit)
2021-11-23 05:14 UTC
2021-11-23 07:03 UTC
Date/time related
Bug
Not a bug
7.4.26
Windows 10
In a for loop using dates, a date modify also updates the initial variable
81650
(edit)
2021-11-22 14:02 UTC
2021-11-22 17:57 UTC
PDO OCI
Bug
Closed
7.4.26
any
Long UTF-8 strings set with bindParam are corrupted
81649
(edit)
2021-11-22 13:58 UTC
2021-11-24 16:05 UTC
IMAP related
Bug
Closed
7.4.26
Debian GNU/Linux
imap_(un)delete accept sequences, not single numbers
Showing 1-90 of 81072
Show Next 90 Entries »
Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Sat Jul 12 05:01:33 2025 UTC