Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-12882

Опубликовано: 26 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

5.5.9+dfsg-1ubuntu4.25
precise/esm

not-affected

trusty

not-affected

5.5.9+dfsg-1ubuntu4.25
trusty/esm

not-affected

5.5.9+dfsg-1ubuntu4.25
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

7.0.30-0ubuntu0.16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

xenial

not-affected

7.0.30-0ubuntu0.16.04.1

Показывать по

РелизСтатусПримечание
artful

not-affected

7.1.17-0ubuntu0.17.10.1
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

7.2.7-0ubuntu0.18.04.2
devel

released

7.2.7-0ubuntu2
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

7.2.7-0ubuntu0.18.04.2
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

xenial

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%
0.04292
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-12882

CVSS3: 6.3
redhat
больше 7 лет назад

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.

nvd логотип

CVE-2018-12882

CVSS3: 9.8
nvd
больше 7 лет назад

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.

debian логотип

CVE-2018-12882

CVSS3: 9.8
debian
больше 7 лет назад

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allo ...

suse-cvrf логотип

openSUSE-SU-2018:2014-1

suse-cvrf
больше 7 лет назад

Security update for php7

suse-cvrf логотип

openSUSE-SU-2018:1913-1

suse-cvrf
больше 7 лет назад

Security update for php7

EPSS

Процентиль: 88%
0.04292
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Уязвимость CVE-2018-12882