VDB

GCVE-110-MAGEIA-2024-262

GCVE-110-MAGEIA-2024-262
Advisory Published
Vulnetix · Advisory published July 11, 2024
This update ships the latest version of php 8.2. It brings fixed security issues and the usual bug fixes. Vulnerability: A code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly. (CVE-2024-5458) Notable fixes: DOM: Fixed bug GH-14343 (Memory leak in xml and dom). FPM: Fixed bug GH-13563 (Setting bool values via env in FPM config fails). MySQLnd: Fix bug GH-14255 (mysqli_fetch_assoc reports error from nested query). Posix: Fix usage of reentrant functions in ext/posix. Soap: Various memory issues SPL: Fixed bug GH-14290 (Member access within null pointer in extension spl). Streams: Fixed bug GH-11078 (PHP Fatal error triggers pointer being freed was not allocated and malloc: double free for ptr errors).

Affected Products

VendorProductVersionsPlatforms
Mageiaphp8.2.21-2.mga9 (unaffected), 0 (affected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›