Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/class.i18n.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/class.i18n.php@@ -251,7 +251,7 @@ static function isLanguageInstalled($code) { $langs = self::availableLanguages();- return isset($langs[strtolower($code)]);+ return isset($langs[strtolower((string) $code)]); } static function isLanguageEnabled($code) {
Here's the analysis of the provided code diff: Vulnerability Existed: not sure Potential Type Juggling Vulnerability [include/class.i18n.php] [Lines 251] [Old Code] `return isset($langs[strtolower($code)]);` [Fixed Code] `return isset($langs[strtolower((string) $code)]);` Additional Details: The change adds explicit string type casting to the input parameter before applying strtolower(). This could potentially prevent type juggling issues if non-string values are passed to the function, but without more context about how this function is used, it's difficult to determine if this was actually exploitable. The fix improves type safety but may not necessarily address a specific known vulnerability.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/class.message.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/class.message.php@@ -183,7 +183,7 @@ return $messages; }- function getIterator() {+ function getIterator(): Traversable { $this->used = true; $messages = $this->load(); if ($this->queued) {
Let me analyze this code diff for potential security vulnerabilities.
Vulnerability Existed: no
[Return Type Declaration Added] [include/class.message.php] [Lines 183]
[Old Code]
function getIterator() {
[Fixed Code]
function getIterator(): Traversable {
Additional Details:
This change appears to be a type safety improvement rather than a security fix. The modification adds a return type declaration (Traversable) to the getIterator() method, which helps enforce type consistency but doesn't address any specific security vulnerability. The change is part of modern PHP practices (PHP 7+ type hints) rather than a security patch.
No other vulnerabilities are apparent in this diff. The change is focused on code quality and type safety rather than addressing security issues.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Factory/InvokableFactory.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Factory/InvokableFactory.php@@ -1,14 +1,10 @@ <?php-/**- * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository- * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License- */+declare(strict_types=1); namespace Laminas\ServiceManager\Factory;-use Interop\Container\ContainerInterface;+use Psr\Container\ContainerInterface; /** * Factory for instantiating classes with no dependencies or which accept a single array.@@ -23,11 +19,9 @@ */ final class InvokableFactory implements FactoryInterface {- /**- * {@inheritDoc}- */- public function __invoke(ContainerInterface $container, $requestedName, array $options = null)+ /** {@inheritDoc} */+ public function __invoke(ContainerInterface $container, $requestedName, ?array $options = null) {- return (null === $options) ? new $requestedName : new $requestedName($options);+ return null === $options ? new $requestedName() : new $requestedName($options); } }
I'll analyze the code diff according to the provided format. The changes appear to be primarily about code style and type safety rather than direct security fixes, but I'll examine them carefully.
1. Vulnerability Existed: no
[No specific vulnerability found, general improvements]
File: include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Factory/InvokableFactory.php
Old Code: No strict types declaration
Fixed Code: Added `declare(strict_types=1);`
2. Vulnerability Existed: no
[No specific vulnerability found, dependency update]
File: include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Factory/InvokableFactory.php
Old Code: `use Interop\Container\ContainerInterface;`
Fixed Code: `use Psr\Container\ContainerInterface;`
3. Vulnerability Existed: not sure
[Potential object instantiation safety]
File: include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Factory/InvokableFactory.php
Old Code: `return (null === $options) ? new $requestedName : new $requestedName($options);`
Fixed Code: `return null === $options ? new $requestedName() : new $requestedName($options);`
The changes primarily involve:
1. Adding strict type declarations
2. Updating the container interface dependency from Interop to PSR standard
3. Changing object instantiation syntax to use parentheses consistently
While none of these changes directly address a known vulnerability, the move to strict typing and PSR standards improves code reliability and maintainability. The change in object instantiation syntax (adding parentheses) might prevent potential edge cases in object construction, but I'm not certain if it was addressing a specific security issue.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Transport/SmtpOptions.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Transport/SmtpOptions.php@@ -1,26 +1,25 @@ <?php+namespace Laminas\Mail\Transport;++use Laminas\Mail\Exception;+use Laminas\Mail\Exception\InvalidArgumentException;+use Laminas\Stdlib\AbstractOptions;++use function gettype;+use function is_object;+use function is_string;+use function sprintf;+ /**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License+ * @extends AbstractOptions<string> */--namespace Laminas\Mail\Transport;--use Laminas\Mail\Exception;-use Laminas\Stdlib\AbstractOptions;- class SmtpOptions extends AbstractOptions {- /**- * @var string Local client hostname- */+ /** @var string Local client hostname */ protected $name = 'localhost';- /**- * @var string- */+ /** @var string */ protected $connectionClass = 'smtp'; /**@@ -30,14 +29,10 @@ */ protected $connectionConfig = [];- /**- * @var string Remote SMTP hostname or IP- */+ /** @var string Remote SMTP hostname or IP */ protected $host = '127.0.0.1';- /**- * @var int- */+ /** @var int */ protected $port = 25; /**@@ -63,7 +58,7 @@ * * @todo hostname/IP validation * @param string $name- * @throws \Laminas\Mail\Exception\InvalidArgumentException+ * @throws InvalidArgumentException * @return SmtpOptions */ public function setName($name)@@ -71,7 +66,7 @@ if (! is_string($name) && $name !== null) { throw new Exception\InvalidArgumentException(sprintf( 'Name must be a string or null; argument of type "%s" provided',- (is_object($name) ? get_class($name) : gettype($name))+ is_object($name) ? $name::class : gettype($name) )); } $this->name = $name;@@ -96,7 +91,7 @@ * Set connection class * * @param string $connectionClass the value to be set- * @throws \Laminas\Mail\Exception\InvalidArgumentException+ * @throws InvalidArgumentException * @return SmtpOptions */ public function setConnectionClass($connectionClass)@@ -104,7 +99,7 @@ if (! is_string($connectionClass) && $connectionClass !== null) { throw new Exception\InvalidArgumentException(sprintf( 'Connection class must be a string or null; argument of type "%s" provided',- (is_object($connectionClass) ? get_class($connectionClass) : gettype($connectionClass))+ is_object($connectionClass) ? $connectionClass::class : gettype($connectionClass) )); } $this->connectionClass = $connectionClass;@@ -124,7 +119,6 @@ /** * Set connection configuration array *- * @param array $connectionConfig * @return SmtpOptions */ public function setConnectionConfig(array $connectionConfig)@@ -170,7 +164,7 @@ * Set the port the SMTP server runs on * * @param int $port- * @throws \Laminas\Mail\Exception\InvalidArgumentException+ * @throws InvalidArgumentException * @return SmtpOptions */ public function setPort($port)
Based on the provided diff, I'll analyze it for security vulnerabilities: 1. Vulnerability Existed: not sure [Potential Type Safety Improvement] [include/laminas-mail/src/Transport/SmtpOptions.php] [Lines 66, 99] [Old Code] `(is_object($name) ? get_class($name) : gettype($name))` [Fixed Code] `is_object($name) ? $name::class : gettype($name)` Additional Details: The change improves type safety by using `::class` instead of `get_class()`, which is more modern and reliable. While not a direct security vulnerability fix, it could prevent potential type-related issues. 2. Vulnerability Existed: not sure [Documentation Improvement] [include/laminas-mail/src/Transport/SmtpOptions.php] [Throughout file] [Old Code] Various undocumented parameters and return types [Fixed Code] Added proper type hints and documentation Additional Details: The diff shows improved documentation including proper type hints and exception declarations. While not fixing a specific vulnerability, better documentation can help prevent security issues by making the API's intended use clearer. Note: The diff doesn't show any clear security vulnerability fixes, but rather code quality improvements and modernization. The changes include: 1. Better type checking and error messages 2. Improved documentation 3. Code style improvements 4. Namespace usage improvements No specific security vulnerabilities were identified in this diff, but the improvements could indirectly help prevent potential security issues related to type confusion or misuse of the API.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Storage/AbstractStorage.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Storage/AbstractStorage.php@@ -1,16 +1,16 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Storage; use ArrayAccess; use Countable;+use Laminas\Mail\Storage\Message;+use ReturnTypeWillChange; use SeekableIterator;++use function str_starts_with;+use function strtolower;+use function substr; abstract class AbstractStorage implements ArrayAccess,@@ -19,6 +19,7 @@ { /** * class capabilities with default values+ * * @var array */ protected $has = [@@ -32,21 +33,24 @@ /** * current iteration position+ * * @var int */ protected $iterationPos = 0; /** * maximum iteration position (= message count)+ * * @var null|int */- protected $iterationMax = null;+ protected $iterationMax; /** * used message class, change it in an extended class to extend the returned message class- * @var string- */- protected $messageClass = 'Laminas\Mail\Storage\Message';+ *+ * @var class-string<Message\MessageInterface>+ */+ protected $messageClass = Message::class; /** * Getter for has-properties. The standard has properties@@ -59,13 +63,13 @@ * * @param string $var property name * @throws Exception\InvalidArgumentException- * @return bool supported or not+ * @return null|bool supported or not */ public function __get($var) {- if (strpos($var, 'has') === 0) {+ if (str_starts_with($var, 'has')) { $var = strtolower(substr($var, 3));- return isset($this->has[$var]) ? $this->has[$var] : null;+ return $this->has[$var] ?? null; } throw new Exception\InvalidArgumentException($var . ' not found');@@ -100,8 +104,8 @@ /** * Get a message with headers and body *- * @param $id int number of message- * @return Message+ * @param int $id number of message+ * @return Message\MessageInterface */ abstract public function getMessage($id);@@ -154,7 +158,7 @@ /** * delete a message from current box/folder *- * @param $id+ * @param int $id message number */ abstract public function removeMessage($id);@@ -188,6 +192,7 @@ * * @return int */+ #[ReturnTypeWillChange] public function count() { return $this->countMessages();@@ -199,13 +204,14 @@ * @param int $id * @return bool */+ #[ReturnTypeWillChange] public function offsetExists($id) { try { if ($this->getMessage($id)) { return true; }- } catch (Exception\ExceptionInterface $e) {+ } catch (Exception\ExceptionInterface) { } return false;@@ -215,8 +221,9 @@ * ArrayAccess::offsetGet() * * @param int $id- * @return \Laminas\Mail\Storage\Message message object- */+ * @return Message message object+ */+ #[ReturnTypeWillChange] public function offsetGet($id) { return $this->getMessage($id);@@ -225,11 +232,10 @@ /** * ArrayAccess::offsetSet() *- * @param mixed $id- * @param mixed $value * @throws Exception\RuntimeException */- public function offsetSet($id, $value)+ #[ReturnTypeWillChange]+ public function offsetSet(mixed $id, mixed $value) { throw new Exception\RuntimeException('cannot write mail messages via array access'); }@@ -240,6 +246,7 @@ * @param int $id * @return bool success */+ #[ReturnTypeWillChange] public function offsetUnset($id) { return $this->removeMessage($id);@@ -252,6 +259,7 @@ * the interfaces and your scripts take long you should use reset() * from time to time. */+ #[ReturnTypeWillChange] public function rewind() { $this->iterationMax = $this->countMessages();@@ -263,6 +271,7 @@ * * @return Message current message */+ #[ReturnTypeWillChange] public function current() { return $this->getMessage($this->iterationPos);@@ -273,6 +282,7 @@ * * @return int id of current position */+ #[ReturnTypeWillChange] public function key() { return $this->iterationPos;@@ -281,6 +291,7 @@ /** * Iterator::next() */+ #[ReturnTypeWillChange] public function next() { ++$this->iterationPos;@@ -291,6 +302,7 @@ * * @return bool */+ #[ReturnTypeWillChange] public function valid() { if ($this->iterationMax === null) {@@ -305,6 +317,7 @@ * @param int $pos * @throws Exception\OutOfBoundsException */+ #[ReturnTypeWillChange] public function seek($pos) { if ($this->iterationMax === null) {
Analyzing the provided code diff, here are the security-related findings:
1. Vulnerability Existed: not sure
[Potential Type Safety Improvement] [include/laminas-mail/src/Storage/AbstractStorage.php] [Lines 46-48]
[Old Code]
protected $messageClass = 'Laminas\Mail\Storage\Message';
[Fixed Code]
protected $messageClass = Message::class;
2. Vulnerability Existed: not sure
[String Comparison Improvement] [include/laminas-mail/src/Storage/AbstractStorage.php] [Lines 65-67]
[Old Code]
if (strpos($var, 'has') === 0) {
$var = strtolower(substr($var, 3));
return isset($this->has[$var]) ? $this->has[$var] : null;
[Fixed Code]
if (str_starts_with($var, 'has')) {
$var = strtolower(substr($var, 3));
return $this->has[$var] ?? null;
3. Vulnerability Existed: not sure
[Return Type Safety] [include/laminas-mail/src/Storage/AbstractStorage.php] [Various method additions]
[Old Code]
(multiple methods without return type declarations)
[Fixed Code]
(multiple methods with #[ReturnTypeWillChange] attribute added)
4. Vulnerability Existed: not sure
[Parameter Type Safety] [include/laminas-mail/src/Storage/AbstractStorage.php] [Lines 235-236]
[Old Code]
public function offsetSet($id, $value)
[Fixed Code]
public function offsetSet(mixed $id, mixed $value)
The changes appear to be primarily focused on code quality improvements and PHP 8+ compatibility rather than direct security fixes. The most significant changes are:
- Using str_starts_with() instead of strpos() for string comparison
- Adding proper type hints and return type attributes
- Using null coalescing operator (??) instead of ternary
- Using ::class constant instead of string class names
While none of these changes directly address known vulnerabilities, they do improve code robustness and type safety, which could indirectly prevent certain types of security issues.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Transport/Smtp.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Transport/Smtp.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Transport;@@ -14,6 +8,11 @@ use Laminas\Mail\Protocol; use Laminas\Mail\Protocol\Exception as ProtocolException; use Laminas\ServiceManager\ServiceManager;++use function array_unique;+use function count;+use function sprintf;+use function time; /** * SMTP connection object@@ -22,29 +21,19 @@ */ class Smtp implements TransportInterface {- /**- * @var SmtpOptions- */+ /** @var SmtpOptions */ protected $options;- /**- * @var Envelope|null- */+ /** @var Envelope|null */ protected $envelope;- /**- * @var Protocol\Smtp- */+ /** @var null|Protocol\Smtp */ protected $connection;- /**- * @var bool- */+ /** @var bool */ protected $autoDisconnect = true;- /**- * @var Protocol\SmtpPluginManager- */+ /** @var Protocol\SmtpPluginManager */ protected $plugins; /**@@ -55,11 +44,9 @@ protected $connectedTime; /**- * Constructor.- * * @param SmtpOptions $options Optional */- public function __construct(SmtpOptions $options = null)+ public function __construct(?SmtpOptions $options = null) { if (! $options instanceof SmtpOptions) { $options = new SmtpOptions();@@ -70,7 +57,6 @@ /** * Set options *- * @param SmtpOptions $options * @return Smtp */ public function setOptions(SmtpOptions $options)@@ -91,8 +77,6 @@ /** * Set options- *- * @param Envelope $envelope */ public function setEnvelope(Envelope $envelope) {@@ -112,7 +96,6 @@ /** * Set plugin manager for obtaining SMTP protocol connection *- * @param Protocol\SmtpPluginManager $plugins * @throws Exception\InvalidArgumentException * @return Smtp */@@ -161,10 +144,9 @@ * Return an SMTP connection * * @param string $name- * @param array|null $options * @return Protocol\Smtp */- public function plugin($name, array $options = null)+ public function plugin($name, ?array $options = null) { return $this->getPluginManager()->get($name, $options); }@@ -174,30 +156,30 @@ */ public function __destruct() {- if (! $this->getConnection() instanceof Protocol\Smtp) {+ $connection = $this->getConnection();+ if (! $connection instanceof Protocol\Smtp) { return; } try {- $this->getConnection()->quit();- } catch (ProtocolException\ExceptionInterface $e) {+ $connection->quit();+ } catch (ProtocolException\ExceptionInterface) { // ignore } if ($this->autoDisconnect) {- $this->getConnection()->disconnect();+ $connection->disconnect(); } } /** * Sets the connection protocol instance- *- * @param Protocol\AbstractProtocol $connection */ public function setConnection(Protocol\AbstractProtocol $connection) { $this->connection = $connection;- if (($connection instanceof Protocol\Smtp)+ if (+ $connection instanceof Protocol\Smtp && ($this->getOptions()->getConnectionTimeLimit() !== null) ) { $connection->setUseCompleteQuit(false);@@ -207,12 +189,13 @@ /** * Gets the connection protocol instance *- * @return Protocol\Smtp+ * @return null|Protocol\Smtp */ public function getConnection() { $timeLimit = $this->getOptions()->getConnectionTimeLimit();- if ($timeLimit !== null+ if (+ $timeLimit !== null && $this->connectedTime !== null && ((time() - $this->connectedTime) > $timeLimit) ) {@@ -228,8 +211,9 @@ */ public function disconnect() {- if ($this->getConnection() instanceof Protocol\Smtp) {- $this->getConnection()->disconnect();+ $connection = $this->getConnection();+ if ($connection instanceof Protocol\Smtp) {+ $connection->disconnect(); $this->connectedTime = null; } }@@ -240,7 +224,6 @@ * The connection via the protocol adapter is made just-in-time to allow a * developer to add a custom adapter if required before mail is sent. *- * @param Message $message * @throws Exception\RuntimeException */ public function send(Message $message)@@ -248,7 +231,7 @@ // If sending multiple messages per session use existing adapter $connection = $this->getConnection();- if (! ($connection instanceof Protocol\Smtp) || ! $connection->hasSession()) {+ if (! $connection instanceof Protocol\Smtp || ! $connection->hasSession()) { $connection = $this->connect(); } else { // Reset connection to ensure reliable transaction@@ -266,7 +249,7 @@ throw new Exception\RuntimeException( sprintf( '%s transport expects at least one recipient if the message has at least one header or body',- __CLASS__+ self::class ) ); }@@ -286,7 +269,6 @@ /** * Retrieve email address for envelope FROM *- * @param Message $message * @throws Exception\RuntimeException * @return string */@@ -306,7 +288,7 @@ // Per RFC 2822 3.6 throw new Exception\RuntimeException(sprintf( '%s transport expects either a Sender or at least one From address in the Message; none provided',- __CLASS__+ self::class )); }@@ -318,7 +300,6 @@ /** * Prepare array of email address recipients *- * @param Message $message * @return array */ protected function prepareRecipients(Message $message)@@ -345,7 +326,6 @@ /** * Prepare header string from message *- * @param Message $message * @return string */ protected function prepareHeaders(Message $message)@@ -358,7 +338,6 @@ /** * Prepare body string from message *- * @param Message $message * @return string */ protected function prepareBody(Message $message)@@ -374,10 +353,10 @@ protected function lazyLoadConnection() { // Check if authentication is required and determine required class- $options = $this->getOptions();- $config = $options->getConnectionConfig();- $config['host'] = $options->getHost();- $config['port'] = $options->getPort();+ $options = $this->getOptions();+ $config = $options->getConnectionConfig();+ $config['host'] = $options->getHost();+ $config['port'] = $options->getPort(); $this->setConnection($this->plugin($options->getConnectionClass(), $config));@@ -389,7 +368,7 @@ * * @return Protocol\Smtp */- public function connect()+ protected function connect() { if (! $this->connection instanceof Protocol\Smtp) { return $this->lazyLoadConnection();
After analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily code style improvements, type hinting enhancements, and minor refactoring. Here's my analysis: 1. Vulnerability Existed: no No specific vulnerability [include/laminas-mail/src/Transport/Smtp.php] [Various lines] [Various old code styles and type hints] [Various improved code styles and type hints] The main changes include: - Removal of docblock comments - Addition of type hints (nullable types) - Code style improvements - Minor refactoring (like using self::class instead of __CLASS__) - Better exception handling (ignoring specific exception types) - Improved property type declarations None of these changes appear to address any specific security vulnerability. The changes seem focused on code quality and maintainability rather than security fixes. If there were any security implications in these changes, they would be very subtle (like the improved exception handling potentially making error cases more robust), but nothing that would qualify as a clear vulnerability fix.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-stdlib/README.md+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-stdlib/README.md@@ -1,7 +1,23 @@ # laminas-stdlib-[](https://travis-ci.org/laminas/laminas-stdlib)-[](https://coveralls.io/github/laminas/laminas-stdlib?branch=master)+[](https://github.com/laminas/laminas-stdlib/actions/workflows/continuous-integration.yml)+[](https://shepherd.dev/github/laminas/laminas-stdlib)++> ## 🇷🇺 Русским гражданам+>+> Мы, участники Laminas, родились и живем в разных странах. У многих из нас есть друзья, родственники и коллеги как в России, так и в Украине. Некоторые из нас родились в России. Некоторые из нас живут в России. У некоторых бабушки и дедушки сражались с фашистами во Второй мировой войне. Здесь никто не поддерживает фашизм.+>+> У одного из нас есть украинская родственница, которая спаслась из дома вместе с сыном. Поезд задержался из-за бомбежки на дороге впереди. У нас есть друзья, которые прячутся в бомбоубежищах. Мы с тревогой ждем весточки от них после воздушных налетов, которые беспорядочно наносят удары и попадают по больницам, школам, детским садам и домам. Мы не берем это из каких-либо СМИ. Мы наблюдаем это напрямую.+>+> Вы доверяете нам достаточно, чтоб использовать наши программы, и мы просим вас довериться нам вновь. Мы нуждаемся в помощи. Выходите и протестуйте против этой бесполезной войны. Остановите кровопролитие. Скажите "Нет войне!"+>+> ## 🇺🇸 To Citizens of Russia+>+> We at Laminas come from all over the world. Many of us have friends, family and colleagues in both Russia and Ukraine. Some of us were born in Russia. Some of us currently live in Russia. Some have grandparents who fought Nazis in World War II. Nobody here supports fascism.+>+> One team member has a Ukrainian relative who fled her home with her son. The train was delayed due to bombing on the road ahead. We have friends who are hiding in bomb shelters. We anxiously follow up on them after the air raids, which indiscriminately fire at hospitals, schools, kindergartens and houses. We're not taking this from any media. These are our actual experiences.+>+> You trust us enough to use our software. We ask that you trust us to say the truth on this. We need your help. Go out and protest this unnecessary war. Stop the bloodshed. Say "stop the war!" `Laminas\Stdlib` is a set of components that implements general purpose utility class for different scopes like:
After analyzing the provided code diff, I can confirm that this is a documentation-only change in the README.md file. There are no code changes that would indicate security fixes or vulnerabilities being addressed.
Here's the structured response:
Vulnerability Existed: no
No vulnerability found in documentation update [include/laminas-mail/vendor/laminas/laminas-stdlib/README.md] [Lines 1-23]
[Old README content with Travis CI and Coveralls badges]
[New README content with GitHub Actions badge, type coverage, and political statement]
The changes include:
1. Switching from Travis CI to GitHub Actions for CI badges
2. Adding a type coverage badge
3. Adding political statements about the Russia-Ukraine war
4. No actual code changes or security-related modifications
Since this is purely a documentation update with no code changes, there are no security vulnerabilities being addressed in this diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/ServiceNotFoundException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/ServiceNotFoundException.php@@ -1,15 +1,11 @@ <?php-/**- * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository- * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License- */+declare(strict_types=1); namespace Laminas\ServiceManager\Exception;-use Interop\Container\Exception\NotFoundException; use InvalidArgumentException as SplInvalidArgumentException;+use Psr\Container\NotFoundExceptionInterface; /** * This exception is thrown when the service locator do not manage to find a@@ -17,6 +13,6 @@ */ class ServiceNotFoundException extends SplInvalidArgumentException implements ExceptionInterface,- NotFoundException+ NotFoundExceptionInterface { }
Based on the provided code diff, here's the analysis:
Vulnerability Existed: no
[No specific vulnerability] [include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/ServiceNotFoundException.php] [1-17]
[Old Code]
<?php
/**
* @see https://github.com/laminas/laminas-servicemanager for the canonical source repository
* @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License
*/
namespace Laminas\ServiceManager\Exception;
use Interop\Container\Exception\NotFoundException;
use InvalidArgumentException as SplInvalidArgumentException;
/**
* This exception is thrown when the service locator do not manage to find a
* valid factory to create a service.
*/
class ServiceNotFoundException extends SplInvalidArgumentException implements
ExceptionInterface,
NotFoundException
{
}
[Fixed Code]
<?php
declare(strict_types=1);
namespace Laminas\ServiceManager\Exception;
use InvalidArgumentException as SplInvalidArgumentException;
use Psr\Container\NotFoundExceptionInterface;
/**
* This exception is thrown when the service locator do not manage to find a
* valid factory to create a service.
*/
class ServiceNotFoundException extends SplInvalidArgumentException implements
ExceptionInterface,
NotFoundExceptionInterface
{
}
The changes appear to be:
1. Removed docblock comments (license/copyright)
2. Added strict_types declaration
3. Changed the interface from Interop\Container\Exception\NotFoundException to Psr\Container\NotFoundExceptionInterface
These changes don't appear to address any security vulnerabilities, but rather represent:
1. Code style/standards updates
2. Moving from the deprecated container-interop/container-interop to PSR-11 standard
3. Adding strict type checking
No security-related vulnerabilities were fixed in this diff. The changes are primarily maintenance and standards compliance updates.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/symfony/polyfill-mbstring/bootstrap.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/symfony/polyfill-mbstring/bootstrap.php@@ -11,29 +11,33 @@ use Symfony\Polyfill\Mbstring as p;+if (\PHP_VERSION_ID >= 80000) {+ return require __DIR__.'/bootstrap80.php';+}+ if (!function_exists('mb_convert_encoding')) {- function mb_convert_encoding($s, $to, $from = null) { return p\Mbstring::mb_convert_encoding($s, $to, $from); }+ function mb_convert_encoding($string, $to_encoding, $from_encoding = null) { return p\Mbstring::mb_convert_encoding($string, $to_encoding, $from_encoding); } } if (!function_exists('mb_decode_mimeheader')) {- function mb_decode_mimeheader($s) { return p\Mbstring::mb_decode_mimeheader($s); }+ function mb_decode_mimeheader($string) { return p\Mbstring::mb_decode_mimeheader($string); } } if (!function_exists('mb_encode_mimeheader')) {- function mb_encode_mimeheader($s, $charset = null, $transferEnc = null, $lf = null, $indent = null) { return p\Mbstring::mb_encode_mimeheader($s, $charset, $transferEnc, $lf, $indent); }+ function mb_encode_mimeheader($string, $charset = null, $transfer_encoding = null, $newline = "\r\n", $indent = 0) { return p\Mbstring::mb_encode_mimeheader($string, $charset, $transfer_encoding, $newline, $indent); } } if (!function_exists('mb_decode_numericentity')) {- function mb_decode_numericentity($s, $convmap, $enc = null) { return p\Mbstring::mb_decode_numericentity($s, $convmap, $enc); }+ function mb_decode_numericentity($string, $map, $encoding = null) { return p\Mbstring::mb_decode_numericentity($string, $map, $encoding); } } if (!function_exists('mb_encode_numericentity')) {- function mb_encode_numericentity($s, $convmap, $enc = null, $is_hex = false) { return p\Mbstring::mb_encode_numericentity($s, $convmap, $enc, $is_hex); }+ function mb_encode_numericentity($string, $map, $encoding = null, $hex = false) { return p\Mbstring::mb_encode_numericentity($string, $map, $encoding, $hex); } } if (!function_exists('mb_convert_case')) {- function mb_convert_case($s, $mode, $enc = null) { return p\Mbstring::mb_convert_case($s, $mode, $enc); }+ function mb_convert_case($string, $mode, $encoding = null) { return p\Mbstring::mb_convert_case($string, $mode, $encoding); } } if (!function_exists('mb_internal_encoding')) {- function mb_internal_encoding($enc = null) { return p\Mbstring::mb_internal_encoding($enc); }+ function mb_internal_encoding($encoding = null) { return p\Mbstring::mb_internal_encoding($encoding); } } if (!function_exists('mb_language')) {- function mb_language($lang = null) { return p\Mbstring::mb_language($lang); }+ function mb_language($language = null) { return p\Mbstring::mb_language($language); } } if (!function_exists('mb_list_encodings')) { function mb_list_encodings() { return p\Mbstring::mb_list_encodings(); }@@ -42,88 +46,94 @@ function mb_encoding_aliases($encoding) { return p\Mbstring::mb_encoding_aliases($encoding); } } if (!function_exists('mb_check_encoding')) {- function mb_check_encoding($var = null, $encoding = null) { return p\Mbstring::mb_check_encoding($var, $encoding); }+ function mb_check_encoding($value = null, $encoding = null) { return p\Mbstring::mb_check_encoding($value, $encoding); } } if (!function_exists('mb_detect_encoding')) {- function mb_detect_encoding($str, $encodingList = null, $strict = false) { return p\Mbstring::mb_detect_encoding($str, $encodingList, $strict); }+ function mb_detect_encoding($string, $encodings = null, $strict = false) { return p\Mbstring::mb_detect_encoding($string, $encodings, $strict); } } if (!function_exists('mb_detect_order')) {- function mb_detect_order($encodingList = null) { return p\Mbstring::mb_detect_order($encodingList); }+ function mb_detect_order($encoding = null) { return p\Mbstring::mb_detect_order($encoding); } } if (!function_exists('mb_parse_str')) {- function mb_parse_str($s, &$result = array()) { parse_str($s, $result); }+ function mb_parse_str($string, &$result = []) { parse_str($string, $result); return (bool) $result; } } if (!function_exists('mb_strlen')) {- function mb_strlen($s, $enc = null) { return p\Mbstring::mb_strlen($s, $enc); }+ function mb_strlen($string, $encoding = null) { return p\Mbstring::mb_strlen($string, $encoding); } } if (!function_exists('mb_strpos')) {- function mb_strpos($s, $needle, $offset = 0, $enc = null) { return p\Mbstring::mb_strpos($s, $needle, $offset, $enc); }+ function mb_strpos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strpos($haystack, $needle, $offset, $encoding); } } if (!function_exists('mb_strtolower')) {- function mb_strtolower($s, $enc = null) { return p\Mbstring::mb_strtolower($s, $enc); }+ function mb_strtolower($string, $encoding = null) { return p\Mbstring::mb_strtolower($string, $encoding); } } if (!function_exists('mb_strtoupper')) {- function mb_strtoupper($s, $enc = null) { return p\Mbstring::mb_strtoupper($s, $enc); }+ function mb_strtoupper($string, $encoding = null) { return p\Mbstring::mb_strtoupper($string, $encoding); } } if (!function_exists('mb_substitute_character')) {- function mb_substitute_character($char = null) { return p\Mbstring::mb_substitute_character($char); }+ function mb_substitute_character($substitute_character = null) { return p\Mbstring::mb_substitute_character($substitute_character); } } if (!function_exists('mb_substr')) {- function mb_substr($s, $start, $length = 2147483647, $enc = null) { return p\Mbstring::mb_substr($s, $start, $length, $enc); }+ function mb_substr($string, $start, $length = 2147483647, $encoding = null) { return p\Mbstring::mb_substr($string, $start, $length, $encoding); } } if (!function_exists('mb_stripos')) {- function mb_stripos($s, $needle, $offset = 0, $enc = null) { return p\Mbstring::mb_stripos($s, $needle, $offset, $enc); }+ function mb_stripos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_stripos($haystack, $needle, $offset, $encoding); } } if (!function_exists('mb_stristr')) {- function mb_stristr($s, $needle, $part = false, $enc = null) { return p\Mbstring::mb_stristr($s, $needle, $part, $enc); }+ function mb_stristr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_stristr($haystack, $needle, $before_needle, $encoding); } } if (!function_exists('mb_strrchr')) {- function mb_strrchr($s, $needle, $part = false, $enc = null) { return p\Mbstring::mb_strrchr($s, $needle, $part, $enc); }+ function mb_strrchr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strrchr($haystack, $needle, $before_needle, $encoding); } } if (!function_exists('mb_strrichr')) {- function mb_strrichr($s, $needle, $part = false, $enc = null) { return p\Mbstring::mb_strrichr($s, $needle, $part, $enc); }+ function mb_strrichr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strrichr($haystack, $needle, $before_needle, $encoding); } } if (!function_exists('mb_strripos')) {- function mb_strripos($s, $needle, $offset = 0, $enc = null) { return p\Mbstring::mb_strripos($s, $needle, $offset, $enc); }+ function mb_strripos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strripos($haystack, $needle, $offset, $encoding); } } if (!function_exists('mb_strrpos')) {- function mb_strrpos($s, $needle, $offset = 0, $enc = null) { return p\Mbstring::mb_strrpos($s, $needle, $offset, $enc); }+ function mb_strrpos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strrpos($haystack, $needle, $offset, $encoding); } } if (!function_exists('mb_strstr')) {- function mb_strstr($s, $needle, $part = false, $enc = null) { return p\Mbstring::mb_strstr($s, $needle, $part, $enc); }+ function mb_strstr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strstr($haystack, $needle, $before_needle, $encoding); } } if (!function_exists('mb_get_info')) { function mb_get_info($type = 'all') { return p\Mbstring::mb_get_info($type); } } if (!function_exists('mb_http_output')) {- function mb_http_output($enc = null) { return p\Mbstring::mb_http_output($enc); }+ function mb_http_output($encoding = null) { return p\Mbstring::mb_http_output($encoding); } } if (!function_exists('mb_strwidth')) {- function mb_strwidth($s, $enc = null) { return p\Mbstring::mb_strwidth($s, $enc); }+ function mb_strwidth($string, $encoding = null) { return p\Mbstring::mb_strwidth($string, $encoding); } } if (!function_exists('mb_substr_count')) {- function mb_substr_count($haystack, $needle, $enc = null) { return p\Mbstring::mb_substr_count($haystack, $needle, $enc); }+ function mb_substr_count($haystack, $needle, $encoding = null) { return p\Mbstring::mb_substr_count($haystack, $needle, $encoding); } } if (!function_exists('mb_output_handler')) {- function mb_output_handler($contents, $status) { return p\Mbstring::mb_output_handler($contents, $status); }+ function mb_output_handler($string, $status) { return p\Mbstring::mb_output_handler($string, $status); } } if (!function_exists('mb_http_input')) {- function mb_http_input($type = '') { return p\Mbstring::mb_http_input($type); }+ function mb_http_input($type = null) { return p\Mbstring::mb_http_input($type); } }+ if (!function_exists('mb_convert_variables')) {- function mb_convert_variables($toEncoding, $fromEncoding, &$a = null, &$b = null, &$c = null, &$d = null, &$e = null, &$f = null) { return p\Mbstring::mb_convert_variables($toEncoding, $fromEncoding, $a, $b, $c, $d, $e, $f); }+ function mb_convert_variables($to_encoding, $from_encoding, &...$vars) { return p\Mbstring::mb_convert_variables($to_encoding, $from_encoding, ...$vars); } }+ if (!function_exists('mb_ord')) {- function mb_ord($s, $enc = null) { return p\Mbstring::mb_ord($s, $enc); }+ function mb_ord($string, $encoding = null) { return p\Mbstring::mb_ord($string, $encoding); } } if (!function_exists('mb_chr')) {- function mb_chr($code, $enc = null) { return p\Mbstring::mb_chr($code, $enc); }+ function mb_chr($codepoint, $encoding = null) { return p\Mbstring::mb_chr($codepoint, $encoding); } } if (!function_exists('mb_scrub')) {- function mb_scrub($s, $enc = null) { $enc = null === $enc ? mb_internal_encoding() : $enc; return mb_convert_encoding($s, $enc, $enc); }+ function mb_scrub($string, $encoding = null) { $encoding = null === $encoding ? mb_internal_encoding() : $encoding; return mb_convert_encoding($string, $encoding, $encoding); } } if (!function_exists('mb_str_split')) {- function mb_str_split($string, $split_length = 1, $encoding = null) { return p\Mbstring::mb_str_split($string, $split_length, $encoding); }+ function mb_str_split($string, $length = 1, $encoding = null) { return p\Mbstring::mb_str_split($string, $length, $encoding); }+}++if (!function_exists('mb_str_pad')) {+ function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = STR_PAD_RIGHT, ?string $encoding = null): string { return p\Mbstring::mb_str_pad($string, $length, $pad_string, $pad_type, $encoding); } } if (extension_loaded('mbstring')) {
After analyzing the provided code diff, I don't find any clear security vulnerabilities being fixed. The changes appear to be primarily focused on: 1. Adding PHP 8.0+ compatibility with a new bootstrap file 2. Parameter renaming for better clarity 3. Code style improvements 4. Adding a new mb_str_pad function Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerability found in diff The changes are primarily parameter renaming and PHP 8+ compatibility additions Vulnerability Existed: not sure Potential parameter naming consistency improvements [include/laminas-mail/vendor/symfony/polyfill-mbstring/bootstrap.php] [Various lines] Old parameter names like $s, $enc, $convmap New more descriptive names like $string, $encoding, $map The changes appear to be code quality improvements rather than security fixes. The most significant change is the addition of PHP 8+ compatibility at the beginning of the file, but this doesn't appear to address any specific vulnerability. The parameter renaming makes the code more maintainable and less prone to errors, but doesn't directly fix any security issues. The mb_parse_str function was modified to return a boolean result, but this appears to be a functionality improvement rather than a security fix.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Exception/InvalidArgumentException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Exception/InvalidArgumentException.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Exception;
After analyzing the provided code diff, here's the security assessment: Vulnerability Existed: no [No specific vulnerability] [include/laminas-mail/vendor/laminas/laminas-validator/src/Exception/InvalidArgumentException.php] [Lines 1-10] [Old Code] <?php /** * @see https://github.com/laminas/laminas-validator for the canonical source repository * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License */ namespace Laminas\Validator\Exception; [Fixed Code] <?php namespace Laminas\Validator\Exception; Additional Details: The changes made are purely documentation-related, removing the file header comments that contained repository information, copyright notice, and license information. This doesn't represent a security fix but rather a documentation cleanup. No actual code functionality was changed, and no security vulnerabilities were addressed in this particular diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Storage/Message/MessageInterface.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Storage/Message/MessageInterface.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Storage\Message;
Based on the provided code diff, I'll analyze it for security fixes:
Vulnerability Existed: no
[No specific vulnerability found] [include/laminas-mail/src/Storage/Message/MessageInterface.php] [Lines 1-10]
[Old Code: Contains copyright and license header]
[Fixed Code: Removed copyright and license header]
Additional Details:
- The changes shown in the diff only involve removing the documentation block containing copyright and license information.
- This appears to be a documentation/comment change rather than a security fix.
- No actual code changes were made that would affect functionality or security.
- The interface definition itself (which would appear after line 10) wasn't shown in the diff, but the visible changes don't indicate any security-related modifications.
Note: Without seeing the complete file and interface definition, I can only analyze the visible portion of the diff, which shows no security-related changes.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Header/Bcc.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Header/Bcc.php@@ -1,22 +1,12 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Header; class Bcc extends AbstractAddressList {- /**- * @var string- */+ /** @var string */ protected $fieldName = 'Bcc';- /**- * @var string- */+ /** @var string */ protected static $type = 'bcc'; }
After analyzing the provided code diff, here's the security assessment: 1. Vulnerability Existed: no No specific vulnerability found [File] include/laminas-mail/src/Header/Bcc.php [Lines] 1-22 [Old Code] Contains docblock comments with copyright and license information [Fixed Code] Removed docblock comments, simplified property type hints The changes appear to be primarily cosmetic/documentation-related rather than security fixes. The modifications include: 1. Removal of the file-level docblock containing copyright and license information 2. Simplification of property type hint comments 3. No functional changes to the actual code logic These changes don't appear to address any specific security vulnerability, but rather improve code readability and maintainability. The core functionality of the Bcc header class remains unchanged. No security vulnerabilities were identified in this diff. The changes are documentation and code style improvements.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean13.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean13.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Barcode;
Analyzing the provided code diff, I can see that only documentation-related content (copyright and license information) was removed, with no actual code changes. Here's the analysis: Vulnerability Existed: no No Vulnerability Found [File] include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean13.php [Lines 1-10] [Old Code] <?php /** * @see https://github.com/laminas/laminas-validator for the canonical source repository * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License */ [Fixed Code] <?php The changes only removed documentation comments (metadata about the source repository, copyright, and license information) without modifying any functional code. There are no security implications from this change, and no vulnerabilities were fixed.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/ValidatorInterface.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/ValidatorInterface.php@@ -1,13 +1,15 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator;+/**+ * @psalm-type ValidatorSpecification = array{+ * name: string|class-string<ValidatorInterface>,+ * priority?: int,+ * break_chain_on_failure?: bool,+ * options?: array<string, mixed>,+ * }+ */ interface ValidatorInterface { /**@@ -19,7 +21,7 @@ * * @param mixed $value * @return bool- * @throws Exception\RuntimeException If validation of $value is impossible+ * @throws Exception\RuntimeException If validation of $value is impossible. */ public function isValid($value);@@ -31,7 +33,7 @@ * If isValid() was never called or if the most recent isValid() call * returned true, then this method returns an empty array. *- * @return array+ * @return array<string, string> */ public function getMessages(); }
Based on the provided code diff, I'll analyze it for security vulnerabilities following the required format: 1. Vulnerability Existed: no No specific vulnerability [include/laminas-mail/vendor/laminas/laminas-validator/src/ValidatorInterface.php] [Lines 1-33] Old Code: Original interface definition without Psalm type hints and with less detailed documentation Fixed Code: Added Psalm type hints and more detailed documentation This appears to be primarily a documentation improvement and type hinting update rather than a security fix. The changes include: 1. Removal of the file header comment block 2. Addition of Psalm type specifications for better static analysis 3. More precise type documentation (e.g., changing `@return array` to `@return array<string, string>`) 4. Minor punctuation improvements in docblocks There are no clear security vulnerabilities being addressed in this diff. The changes seem focused on improving code quality, static analysis support, and documentation clarity rather than fixing security issues.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-loader/src/ModuleAutoloader.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-loader/src/ModuleAutoloader.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-loader for the canonical source repository- * @copyright https://github.com/laminas/laminas-loader/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-loader/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Loader;@@ -12,41 +6,51 @@ require_once __DIR__ . '/SplAutoloader.php'; use GlobIterator;+use InvalidArgumentException; use Phar; use PharFileInfo; use SplFileInfo; use Traversable;+use function array_map;+use function class_exists;+use function count;+use function extension_loaded;+use function getcwd;+use function gettype;+use function implode;+use function in_array;+use function is_array;+use function is_string;+use function pathinfo;+use function preg_match;+use function realpath;+use function rtrim;+use function spl_autoload_register;+use function spl_autoload_unregister;+use function sprintf;+use function str_replace;+use function strpos;+use function substr;+use const DIRECTORY_SEPARATOR; class ModuleAutoloader implements SplAutoloader {- /**- * @var array An array of module paths to scan- */+ /** @var array An array of module paths to scan */ protected $paths = [];- /**- * @var array An array of modulename => path- */+ /** @var array An array of modulename => path */ protected $explicitPaths = [];- /**- * @var array An array of namespaceName => namespacePath- */+ /** @var array An array of namespaceName => namespacePath */ protected $namespacedPaths = [];- /**- * @var string Will contain the absolute phar:// path to the executable when packaged as phar file- */+ /** @var string Will contain the absolute phar:// path to the executable when packaged as phar file */ protected $pharBasePath = "";- /**- * @var array An array of supported phar extensions (filled on constructor)- */+ /** @var array An array of supported phar extensions (filled on constructor) */ protected $pharExtensions = [];- /**- * @var array An array of module classes to their containing files- */+ /** @var array An array of module classes to their containing files */ protected $moduleClassMap = []; /**@@ -59,7 +63,7 @@ public function __construct($options = null) { if (extension_loaded('phar')) {- $this->pharBasePath = Phar::running(true);+ $this->pharBasePath = Phar::running(true); $this->pharExtensions = [ 'phar', 'phar.tar',@@ -130,7 +134,7 @@ /** * Autoload a class *- * @param $class+ * @param string $class * @return mixed * False [if unable to load $class] * get_class($class) [if $class is successfully loaded]@@ -167,7 +171,7 @@ } $moduleNameBuffer = str_replace($namespace . "\\", "", $moduleName);- $path .= DIRECTORY_SEPARATOR . $moduleNameBuffer . DIRECTORY_SEPARATOR;+ $path .= DIRECTORY_SEPARATOR . $moduleNameBuffer . DIRECTORY_SEPARATOR; $classLoaded = $this->loadModuleFromDir($path, $class); if ($classLoaded) {@@ -181,7 +185,7 @@ } }- $moduleClassPath = str_replace('\\', DIRECTORY_SEPARATOR, $moduleName);+ $moduleClassPath = str_replace('\\', DIRECTORY_SEPARATOR, $moduleName); $pharSuffixPattern = null; if ($this->pharExtensions) {@@ -189,9 +193,9 @@ } foreach ($this->paths as $path) {- $path = $path . $moduleClassPath;-- if ($path == '.' || substr($path, 0, 2) == './' || substr($path, 0, 2) == '.\\') {+ $path .= $moduleClassPath;++ if ($path === '.' || substr($path, 0, 2) === './' || substr($path, 0, 2) === '.\\') { if (! $basePath = $this->pharBasePath) { $basePath = realpath('.'); }@@ -248,7 +252,7 @@ $file = new SplFileInfo($modulePath); }- if (($file->isReadable() && $file->isFile())) {+ if ($file->isReadable() && $file->isFile()) { // Found directory with Module.php in it $absModulePath = $this->pharBasePath ? (string) $file : $file->getRealPath(); require_once $absModulePath;@@ -272,7 +276,7 @@ protected function loadModuleFromPhar($pharPath, $class) { $pharPath = static::normalizePath($pharPath, false);- $file = new SplFileInfo($pharPath);+ $file = new SplFileInfo($pharPath); if (! $file->isReadable() || ! $file->isFile()) { return false; }@@ -291,7 +295,7 @@ // Phase 1: Not executable phar, no stub, or stub did not provide Module class; try Module.php directly $moduleClassFile = 'phar://' . $fileRealPath . '/Module.php';- $moduleFile = new SplFileInfo($moduleClassFile);+ $moduleFile = new SplFileInfo($moduleClassFile); if ($moduleFile->isReadable() && $moduleFile->isFile()) { require_once $moduleClassFile; if (class_exists($class)) {@@ -303,9 +307,9 @@ // Phase 2: Check for nested module directory within archive // Checks for /path/to/MyModule.tar/MyModule/Module.php // (shell-integrated zip/tar utilities wrap directories like this)- $pharBaseName = $this->pharFileToModuleName($fileRealPath);- $moduleClassFile = 'phar://' . $fileRealPath . '/' . $pharBaseName . '/Module.php';- $moduleFile = new SplFileInfo($moduleClassFile);+ $pharBaseName = $this->pharFileToModuleName($fileRealPath);+ $moduleClassFile = 'phar://' . $fileRealPath . '/' . $pharBaseName . '/Module.php';+ $moduleFile = new SplFileInfo($moduleClassFile); if ($moduleFile->isReadable() && $moduleFile->isFile()) { require_once $moduleClassFile; if (class_exists($class)) {@@ -341,7 +345,7 @@ * registerPaths * * @param array|Traversable $paths- * @throws \InvalidArgumentException+ * @throws InvalidArgumentException * @return ModuleAutoloader */ public function registerPaths($paths)@@ -371,7 +375,7 @@ * * @param string $path * @param bool|string $moduleName- * @throws \InvalidArgumentException+ * @throws InvalidArgumentException * @return ModuleAutoloader */ public function registerPath($path, $moduleName = false)
After analyzing the provided code diff, I don't find any clear security vulnerabilities that were fixed. The changes appear to be primarily code style improvements, type hinting additions, and minor refactoring. Here's my analysis: 1. Vulnerability Existed: no No specific vulnerability found The changes are mainly: - Removed docblock header - Added type hints (string for $class parameter) - Added use statements for InvalidArgumentException - Added function imports - Improved string comparison operators (=== instead of ==) - Minor code formatting improvements 2. Vulnerability Existed: no No specific vulnerability found The changes in path handling (like the substr comparisons) don't appear to fix any security issues but rather improve code consistency and type safety. 3. Vulnerability Existed: no No specific vulnerability found The changes in PHAR file handling appear to be stylistic rather than security-related. The diff shows general code quality improvements rather than security fixes. The most notable changes are: - More strict type comparisons - Better type hints - More explicit exception throwing - Code organization improvements None of these changes appear to address any specific known vulnerabilities, but they do make the code more robust and maintainable.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-loader/src/PluginClassLoader.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-loader/src/PluginClassLoader.php@@ -1,16 +1,20 @@-<?php--/**- * @see https://github.com/laminas/laminas-loader for the canonical source repository- * @copyright https://github.com/laminas/laminas-loader/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-loader/blob/master/LICENSE.md New BSD License- */+<?php // phpcs:disable SlevomatCodingStandard.Namespaces.UnusedUses.UnusedUse namespace Laminas\Loader; use ArrayIterator; use IteratorAggregate;+use ReturnTypeWillChange; use Traversable;++use function array_key_exists;+use function class_exists;+use function is_array;+use function is_int;+use function is_numeric;+use function is_object;+use function is_string;+use function strtolower; /** * Plugin class locator interface@@ -19,12 +23,14 @@ { /** * List of plugin name => class name pairs+ * * @var array */ protected $plugins = []; /** * Static map allow global seeding of plugin loader+ * * @var array */ protected static $staticMap = [];@@ -107,7 +113,7 @@ if (! class_exists($map)) { throw new Exception\InvalidArgumentException('Map class provided is invalid'); }- $map = new $map;+ $map = new $map(); } if (is_array($map)) { $map = new ArrayIterator($map);@@ -209,6 +215,7 @@ * * @return ArrayIterator */+ #[ReturnTypeWillChange] public function getIterator() { return new ArrayIterator($this->plugins);
Based on the provided code diff, I'll analyze it for security fixes:
1. Vulnerability Existed: not sure
[Potential Class Instantiation Issue] [include/laminas-mail/vendor/laminas/laminas-loader/src/PluginClassLoader.php] [Lines 107-113]
[Old Code]
$map = new $map;
[Fixed Code]
$map = new $map();
2. Vulnerability Existed: not sure
[Potential Type Safety Issue] [include/laminas-mail/vendor/laminas/laminas-loader/src/PluginClassLoader.php] [Lines 1-20]
[Old Code]
(No explicit type checking imports)
[Fixed Code]
(Added multiple type checking function imports like is_array, is_string, etc.)
3. Vulnerability Existed: not sure
[Potential Return Type Compatibility Issue] [include/laminas-mail/vendor/laminas/laminas-loader/src/PluginClassLoader.php] [Lines 209-215]
[Old Code]
public function getIterator()
[Fixed Code]
#[ReturnTypeWillChange]
public function getIterator()
The changes appear to be more about code quality and PHP 8+ compatibility rather than direct security fixes. The most notable change is the addition of parentheses when instantiating a class from a variable, which could potentially prevent some edge-case issues but isn't clearly a security fix. The added type checking functions might help prevent type-related vulnerabilities, but there's no direct evidence of a fixed vulnerability. The ReturnTypeWillChange attribute is for PHP 8 compatibility.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/MessageFactory.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/MessageFactory.php@@ -1,14 +1,17 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail; use Traversable;++use function gettype;+use function is_array;+use function is_object;+use function method_exists;+use function sprintf;+use function str_replace;+use function strtr;+use function ucwords; class MessageFactory {@@ -22,7 +25,7 @@ throw new Exception\InvalidArgumentException(sprintf( '"%s" expects an array or Traversable; received "%s"', __METHOD__,- (is_object($options) ? get_class($options) : gettype($options))+ is_object($options) ? $options::class : gettype($options) )); }
Let me analyze the code diff for security fixes following the required format:
Vulnerability Existed: no
[No specific vulnerability] [include/laminas-mail/src/MessageFactory.php] [Lines 1-17]
[Old Code]
<?php
/**
* @see https://github.com/laminas/laminas-mail for the canonical source repository
* @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License
*/
[Fixed Code]
<?php
namespace Laminas\Mail;
use Traversable;
use function gettype;
use function is_array;
use function is_object;
use function method_exists;
use function sprintf;
use function str_replace;
use function strtr;
use function ucwords;
Additional Details:
This appears to be primarily code cleanup and organization changes rather than security fixes. The main changes are:
1. Removal of docblock comments
2. Addition of function imports
3. Reorganization of namespace and use statements
Vulnerability Existed: no
[No specific vulnerability] [include/laminas-mail/src/MessageFactory.php] [Lines 22-25]
[Old Code]
(is_object($options) ? get_class($options) : gettype($options))
[Fixed Code]
is_object($options) ? $options::class : gettype($options)
Additional Details:
This change updates the syntax for getting a class name from PHP's traditional get_class() to the newer ::class syntax, which is a syntax improvement rather than a security fix.
No security vulnerabilities were identified in this diff. The changes appear to be code quality improvements and modernization rather than security patches.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-loader/src/Exception/BadMethodCallException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-loader/src/Exception/BadMethodCallException.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-loader for the canonical source repository- * @copyright https://github.com/laminas/laminas-loader/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-loader/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Loader\Exception;
Based on the provided diff, I'll analyze it for potential security vulnerabilities: Vulnerability Existed: no [No specific vulnerability, documentation removal] [include/laminas-mail/vendor/laminas/laminas-loader/src/Exception/BadMethodCallException.php] [Lines 1-10] [Old Code] <?php /** * @see https://github.com/laminas/laminas-loader for the canonical source repository * @copyright https://github.com/laminas/laminas-loader/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-loader/blob/master/LICENSE.md New BSD License */ namespace Laminas\Loader\Exception; [Fixed Code] <?php namespace Laminas\Loader\Exception; Additional Details: - The changes only remove documentation comments (license/copyright/repository information) - No actual code changes were made - No security vulnerabilities were fixed in this diff - This appears to be a documentation cleanup change rather than a security fix
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean12.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean12.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Barcode;
Analyzing the provided code diff, I don't see any security-related changes. The diff only shows the removal of documentation comments (file header) without any functional code changes.
Here's the analysis following your requested format:
Vulnerability Existed: no
No vulnerability found [include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean12.php] [Lines 1-10]
[Old Code]
<?php
/**
* @see https://github.com/laminas/laminas-validator for the canonical source repository
* @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License
*/
[Fixed Code]
<?php
The changes are purely documentation-related (removing license/copyright headers) and don't affect the security or functionality of the code. No actual code changes were made that would indicate a security fix.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Header/Exception/BadMethodCallException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Header/Exception/BadMethodCallException.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Header\Exception;
After analyzing the provided code diff, here's the security assessment: Vulnerability Existed: no [No specific vulnerability] [include/laminas-mail/src/Header/Exception/BadMethodCallException.php] [Lines 1-10] [Old Code] <?php /** * @see https://github.com/laminas/laminas-mail for the canonical source repository * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License */ namespace Laminas\Mail\Header\Exception; [Fixed Code] <?php namespace Laminas\Mail\Header\Exception; Additional Details: The changes made are purely documentation-related, removing the file header comments that contained license and copyright information. This doesn't represent a security fix but rather a documentation cleanup. There are no functional code changes that would indicate a security vulnerability being addressed.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.