Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
PHP on Red Hat Systems: Unfixable Data Exposure Through Malicious Code
RHSA-2026:2799
Summary
A security issue has been found in PHP on Red Hat systems. If an attacker can inject malicious code, they may be able to access sensitive data. Update your systems to the latest version of PHP to prevent this risk.
What to do
- Update redhat php to version 0:8.0.30-5.el9_7.
- Update redhat php-bcmath to version 0:8.0.30-5.el9_7.
- Update redhat php-bcmath-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-cli to version 0:8.0.30-5.el9_7.
- Update redhat php-cli-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-common to version 0:8.0.30-5.el9_7.
- Update redhat php-common-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-dba to version 0:8.0.30-5.el9_7.
- Update redhat php-dba-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-dbg to version 0:8.0.30-5.el9_7.
- Update redhat php-dbg-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-debugsource to version 0:8.0.30-5.el9_7.
- Update redhat php-devel to version 0:8.0.30-5.el9_7.
- Update redhat php-embedded to version 0:8.0.30-5.el9_7.
- Update redhat php-embedded-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-enchant to version 0:8.0.30-5.el9_7.
- Update redhat php-enchant-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-ffi to version 0:8.0.30-5.el9_7.
- Update redhat php-ffi-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-fpm to version 0:8.0.30-5.el9_7.
- Update redhat php-fpm-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-gd to version 0:8.0.30-5.el9_7.
- Update redhat php-gd-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-gmp to version 0:8.0.30-5.el9_7.
- Update redhat php-gmp-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-intl to version 0:8.0.30-5.el9_7.
- Update redhat php-intl-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-ldap to version 0:8.0.30-5.el9_7.
- Update redhat php-ldap-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-mbstring to version 0:8.0.30-5.el9_7.
- Update redhat php-mbstring-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-mysqlnd to version 0:8.0.30-5.el9_7.
- Update redhat php-mysqlnd-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-odbc to version 0:8.0.30-5.el9_7.
- Update redhat php-odbc-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-opcache to version 0:8.0.30-5.el9_7.
- Update redhat php-opcache-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-pdo to version 0:8.0.30-5.el9_7.
- Update redhat php-pdo-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-pgsql to version 0:8.0.30-5.el9_7.
- Update redhat php-pgsql-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-process to version 0:8.0.30-5.el9_7.
- Update redhat php-process-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-snmp to version 0:8.0.30-5.el9_7.
- Update redhat php-snmp-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-soap to version 0:8.0.30-5.el9_7.
- Update redhat php-soap-debuginfo to version 0:8.0.30-5.el9_7.
- Update redhat php-xml to version 0:8.0.30-5.el9_7.
- Update redhat php-xml-debuginfo to version 0:8.0.30-5.el9_7.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | php | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-bcmath | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-bcmath-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-cli | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-cli-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-common | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-common-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-dba | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-dba-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-dbg | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-dbg-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-debugsource | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-devel | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-embedded | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-embedded-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-enchant | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-enchant-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-ffi | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-ffi-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-fpm | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-fpm-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-gd | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-gd-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-gmp | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-gmp-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-intl | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-intl-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-ldap | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-ldap-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-mbstring | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-mbstring-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-mysqlnd | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-mysqlnd-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-odbc | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-odbc-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-opcache | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-opcache-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-pdo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-pdo-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-pgsql | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-pgsql-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-process | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-process-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-snmp | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-snmp-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-soap | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-soap-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-xml | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
| redhat | php-xml-debuginfo | <= 0:8.0.30-5.el9_7 | 0:8.0.30-5.el9_7 |
Original title
Red Hat Security Advisory: php security update
osv CVSS3.1
6.5
- https://access.redhat.com/errata/RHSA-2026:2799 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#moderate Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2425625 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2425626 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2799.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-14177 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-14177 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-14177 Vendor Advisory
- https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2025-14178 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-14178 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-14178 Vendor Advisory
- https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 Third Party Advisory
Published: 18 Feb 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026