Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-10546

Опубликовано: 29 апр. 2018
Источник: debian
EPSS Средний

Описание

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
php7.2fixed7.2.8-1package
php7.1fixed7.1.19-1package
php7.0fixed7.0.30-1package
php5removedpackage
php5not-affectedwheezypackage

Примечания

  • Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5

  • PHP Bug: https://bugs.php.net/bug.php?id=76249

EPSS

Процентиль: 98%
0.57167
Средний

Связанные уязвимости

ubuntu логотип

CVE-2018-10546

CVSS3: 7.5
ubuntu
около 7 лет назад

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

redhat логотип

CVE-2018-10546

CVSS3: 7.5
redhat
около 7 лет назад

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

nvd логотип

CVE-2018-10546

CVSS3: 7.5
nvd
около 7 лет назад

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

github логотип

GHSA-2396-h4jp-vpjg

CVSS3: 7.5
github
около 3 лет назад

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

fstec логотип

BDU:2019-04234

CVSS3: 7.5
fstec
около 7 лет назад

Уязвимость потокового фильтра iconv (ext/iconv/iconv.c) интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 98%
0.57167
Средний