{"id":"RHSA-2019:3299","summary":"Red Hat Security Advisory: rh-php72-php security update","modified":"2026-02-21T10:03:38Z","published":"2024-09-13T22:02:04Z","upstream":["CVE-2016-10166","CVE-2018-20783","CVE-2019-11034","CVE-2019-11035","CVE-2019-11036","CVE-2019-11038","CVE-2019-11039","CVE-2019-11040","CVE-2019-11041","CVE-2019-11042","CVE-2019-11043","CVE-2019-6977","CVE-2019-9020","CVE-2019-9021","CVE-2019-9022","CVE-2019-9023","CVE-2019-9024","CVE-2019-9637","CVE-2019-9638","CVE-2019-9639","CVE-2019-9640"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#critical"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1418983"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672207"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1680545"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1685123"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1685132"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1685398"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1685404"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1685412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688922"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688934"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688939"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702246"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702256"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1707299"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724149"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724152"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724154"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739459"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739465"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1766378"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3299.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-10166"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-10166"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10166"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-20783"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-20783"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20783"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-6977"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-6977"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6977"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9020"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9020"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9020"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9021"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9021"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9021"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9022"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9022"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9022"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9023"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9023"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9023"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9024"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9024"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9024"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9637"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9637"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9637"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9638"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9638"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9638"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9639"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9639"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9639"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9640"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9640"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9640"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11034"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11034"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11034"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11035"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11035"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11035"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11036"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11036"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11036"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11038"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11038"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11038"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11039"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11039"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11039"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11040"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11040"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11040"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11041"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11041"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11041"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11042"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11042"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11042"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11043"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11043"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11043"},{"type":"ARTICLE","url":"https://www.nginx.com/blog/php-fpm-cve-2019-11043-vulnerability-nginx/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"}],"affected":[{"package":{"name":"rh-php72-php","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-bcmath","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-bcmath"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-cli","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-common","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-dba","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-dba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-dbg","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-dbg"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-devel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-embedded","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-embedded"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-enchant","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-enchant"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-fpm","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-fpm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-gd","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-gd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-gmp","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-gmp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-intl","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-intl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-json","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-json"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-ldap","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-ldap"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-mbstring","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-mbstring"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-mysqlnd","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-mysqlnd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-odbc","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-odbc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-opcache","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-opcache"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-pdo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-pdo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-pgsql","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-pgsql"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-process","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-process"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-pspell","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-pspell"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-recode","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-recode"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-snmp","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-snmp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-soap","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-soap"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-xml","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-xml"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-xmlrpc","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-xmlrpc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}},{"package":{"name":"rh-php72-php-zip","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-php72-php-zip"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.2.24-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:3299.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}