NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.
Affected products
- <8.3.23
- <8.4.10
- <8.1.33
- <8.2.29
Matching in nixpkgs
pkgs.gsoap
C/C++ toolkit for SOAP web services and XML-based applications
-
nixos-unstable -
- nixpkgs-unstable 2.8.108
pkgs.soapui
Most Advanced REST & SOAP Testing Tool in the World
-
nixos-unstable -
- nixpkgs-unstable 5.9.0
pkgs.soapysdr
Vendor and platform neutral SDR support library
-
nixos-unstable -
- nixpkgs-unstable 0.8.1-unstable-2025-03-30-03
pkgs.soapyuhd
SoapySDR plugin for UHD devices
-
nixos-unstable -
- nixpkgs-unstable 0.4.1-unstable-2025-02-13
pkgs.liquidsoap
Swiss-army knife for multimedia streaming
-
nixos-unstable -
- nixpkgs-unstable 2.3.3
pkgs.soapyaudio
SoapySDR plugin for amateur radio and audio devices
-
nixos-unstable -
- nixpkgs-unstable 0.1.1
pkgs.soapyairspy
SoapySDR plugin for Airspy devices
-
nixos-unstable -
- nixpkgs-unstable 0.2.0
pkgs.soapyhackrf
SoapySDR plugin for HackRF devices
-
nixos-unstable -
- nixpkgs-unstable 0.3.4
pkgs.soapyremote
SoapySDR plugin for remote access to SDRs
-
nixos-unstable -
- nixpkgs-unstable 0.5.2-unstable-2024-01-24
pkgs.soapyrtlsdr
SoapySDR plugin for RTL-SDR devices
-
nixos-unstable -
- nixpkgs-unstable 0.3.3
pkgs.soapybladerf
SoapySDR plugin for BladeRF devices
-
nixos-unstable -
- nixpkgs-unstable 0.4.2
pkgs.soapysdrplay
Soapy SDR module for SDRplay
-
nixos-unstable -
- nixpkgs-unstable sdrplay3-0.4.0
pkgs.soapyplutosdr
SoapySDR plugin for Pluto SDR devices
-
nixos-unstable -
- nixpkgs-unstable 0.2.2
pkgs.libsForQt5.kdsoap
Qt-based client-side and server-side SOAP component
-
nixos-unstable -
- nixpkgs-unstable 2.2.0
pkgs.kdePackages.kdsoap
Qt-based client-side and server-side SOAP component
-
nixos-unstable -
- nixpkgs-unstable 2.2.0
pkgs.qt6Packages.kdsoap
Qt-based client-side and server-side SOAP component
-
nixos-unstable -
- nixpkgs-unstable 2.2.0
pkgs.php81Extensions.soap
PHP upstream extension: soap
-
nixos-unstable -
- nixpkgs-unstable 8.1.33
pkgs.php82Extensions.soap
PHP upstream extension: soap
-
nixos-unstable -
- nixpkgs-unstable 8.2.29
pkgs.php83Extensions.soap
PHP upstream extension: soap
-
nixos-unstable -
- nixpkgs-unstable 8.3.25
pkgs.php84Extensions.soap
PHP upstream extension: soap
-
nixos-unstable -
- nixpkgs-unstable 8.4.12
pkgs.soapysdr-with-plugins
Vendor and platform neutral SDR support library
-
nixos-unstable -
- nixpkgs-unstable 0.8.1-unstable-2025-03-30-03
pkgs.plasma5Packages.kdsoap
Qt-based client-side and server-side SOAP component
-
nixos-unstable -
- nixpkgs-unstable 2.2.0
pkgs.python312Packages.soapysdr
Vendor and platform neutral SDR support library
-
nixos-unstable -
- nixpkgs-unstable 0.8.1-unstable-2025-03-30-03
pkgs.python313Packages.soapysdr
Vendor and platform neutral SDR support library
-
nixos-unstable -
- nixpkgs-unstable 0.8.1-unstable-2025-03-30-03
pkgs.python312Packages.pysimplesoap
Python simple and lightweight SOAP Library
-
nixos-unstable -
- nixpkgs-unstable 1.16.2
pkgs.python313Packages.pysimplesoap
Python simple and lightweight SOAP Library
-
nixos-unstable -
- nixpkgs-unstable 1.16.2
pkgs.kdePackages.kdsoap-ws-discovery-client
Library for finding WS-Discovery devices in the network using Qt5 and KDSoap.
-
nixos-unstable -
- nixpkgs-unstable 0.4.0
pkgs.python312Packages.soapysdr-with-plugins
Vendor and platform neutral SDR support library
-
nixos-unstable -
- nixpkgs-unstable 0.8.1-unstable-2025-03-30-03
pkgs.python313Packages.soapysdr-with-plugins
Vendor and platform neutral SDR support library
-
nixos-unstable -
- nixpkgs-unstable 0.8.1-unstable-2025-03-30-03
pkgs.tests.pkg-config.defaultPkgConfigPackages.SoapySDR
Test whether soapysdr-0.8.1-unstable-2025-03-30-03 exposes pkg-config modules SoapySDR
Package maintainers
-
@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@K900 Ilya K. <me@0upti.me>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@D4ndellion Daniel Olsen <daniel@dodsorf.as>
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@talyz Kim Lindberger <kim.lindberger@gmail.com>
-
@aanderse Aaron Andersen <aaron@fosslib.net>
-
@piotrkwiecinski Piotr Kwiecinski <piokwiecinski+nixpkgs@gmail.com>
-
@nicoonoclaste nicoo <nicoo@debian.org>
-
@numinit Morgan Jones <me+nixpkgs@numin.it>
-
@markuskowa Markus Kowalewski <markus.kowalewski@gmail.com>
-
@Gerschtli Tobias Happ <tobias.happ@gmx.de>
-
@wucke13 Wucke <wucke13@gmail.com>
-
@luizribeiro Luiz Ribeiro <nixpkgs@l9o.dev>
-
@ragnard Ragnar Dahlen <r.dahlen@gmail.com>
-
@pmenke-de Philipp Menke <nixos@pmenke.de>