Количество 50
Количество 50
CVE-2018-7584
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
CVE-2018-7584
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and ...
CVE-2018-10547
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
CVE-2018-10547
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
CVE-2018-10547
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
CVE-2018-10547
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36 ...
openSUSE-SU-2019:1256-1
Security update for php5
SUSE-SU-2019:0985-1
Security update for php5
openSUSE-SU-2018:0725-1
Security update for php5
openSUSE-SU-2018:0657-1
Security update for php7
SUSE-SU-2018:0717-1
Security update for php5
SUSE-SU-2018:0646-1
Security update for php7
GHSA-w5h8-6928-2j67
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
GHSA-phvf-v525-xwq3
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
BDU:2019-04235
Уязвимость компонента ext/phar/phar_object.c интерпретатора языка программирования PHP, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)
BDU:2018-00525
Уязвимость функции php_stream_url_wrap_http_ex интерпретатора PHP, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
SUSE-RU-2019:0823-1
Optional update for php72
openSUSE-SU-2019:1293-1
Security update for php7
SUSE-SU-2019:14013-1
Security update for php53
openSUSE-SU-2019:1573-1
Security update for php7
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-7584 In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. | CVSS3: 9.8 | 82% Высокий | больше 7 лет назад |
| CVE-2018-7584 In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and ... | CVSS3: 9.8 | 82% Высокий | больше 7 лет назад |
 | CVE-2018-10547 An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712. | CVSS3: 6.1 | 33% Средний | около 7 лет назад |
 | CVE-2018-10547 An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712. | CVSS3: 6.1 | 33% Средний | около 7 лет назад |
| CVE-2018-10547 An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712. | CVSS3: 6.1 | 33% Средний | около 7 лет назад |
| CVE-2018-10547 An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36 ... | CVSS3: 6.1 | 33% Средний | около 7 лет назад |
 | openSUSE-SU-2019:1256-1 Security update for php5 | около 6 лет назад | ||
| SUSE-SU-2019:0985-1 Security update for php5 | около 6 лет назад | ||
| openSUSE-SU-2018:0725-1 Security update for php5 | 82% Высокий | больше 7 лет назад | |
| openSUSE-SU-2018:0657-1 Security update for php7 | 82% Высокий | больше 7 лет назад | |
| SUSE-SU-2018:0717-1 Security update for php5 | 82% Высокий | больше 7 лет назад | |
| SUSE-SU-2018:0646-1 Security update for php7 | 82% Высокий | больше 7 лет назад | |
| GHSA-w5h8-6928-2j67 In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. | CVSS3: 9.8 | 82% Высокий | около 3 лет назад |
| GHSA-phvf-v525-xwq3 An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712. | CVSS3: 6.1 | 33% Средний | около 3 лет назад |
 | BDU:2019-04235 Уязвимость компонента ext/phar/phar_object.c интерпретатора языка программирования PHP, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS) | CVSS3: 6.1 | 33% Средний | около 7 лет назад |
| BDU:2018-00525 Уязвимость функции php_stream_url_wrap_http_ex интерпретатора PHP, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании | CVSS3: 9.8 | 82% Высокий | больше 7 лет назад |
| SUSE-RU-2019:0823-1 Optional update for php72 | около 6 лет назад | ||
| openSUSE-SU-2019:1293-1 Security update for php7 | около 6 лет назад | ||
| SUSE-SU-2019:14013-1 Security update for php53 | около 6 лет назад | ||
| openSUSE-SU-2019:1573-1 Security update for php7 | около 6 лет назад |
Уязвимостей на страницу