Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2018-10547HistoryApr 29, 2018 - 9:29 p.m.
CVE-2018-10547
2018-04-2921:29:00
Debian Security Bug Tracker
security-tracker.debian.org
20
0.62 Medium
EPSS
Percentile
97.8%
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | php7.0 | < 7.0.33-0+deb9u8 | php7.0_7.0.33-0+deb9u8_all.deb |
Related
alpinelinux
alpinelinux
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-5712
2018-01-16 09:29:00
prion
prion
Design/Logic Flaw
2018-04-29 21:29:00
Cross site scripting
2018-01-16 09:29:00
cve
cve
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-5712
2018-01-16 09:29:00
osv
osv
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-5712
2018-01-16 09:29:00
php5 - security update
2018-01-20 00:00:00
redhatcve
redhatcve
CVE-2018-10547
2018-05-02 10:29:35
CVE-2018-5712
2019-11-04 09:50:26
f5
f5
K61561040 : PHP vulnerability CVE-2018-10547
2018-05-07 00:00:00
K10204425 : PHP vulnerability CVE-2018-5712
2018-01-24 00:00:00
cvelist
cvelist
CVE-2018-10547
2018-04-29 21:00:00
CVE-2018-5712
2018-01-16 09:00:00
ubuntucve
ubuntucve
CVE-2018-10547
2018-04-29 00:00:00
CVE-2018-5712
2018-01-16 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-08-20 00:10:41
Cross-site Scripting (XSS)
2019-05-16 03:00:00
Use After Free
2019-05-16 02:59:58
nvd
nvd
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-5712
2018-01-16 09:29:00
openvas
openvas
Debian: Security Advisory (DLA-1373-1)
2018-05-13 00:00:00
Slackware: Security Advisory (SSA:2018-136-02)
2022-04-21 00:00:00
PHP Multiple Vulnerabilities (May 2018) - Windows
2018-05-02 00:00:00
nessus
nessus
Scientific Linux Security Update : php on SL7.x x86_64 (20200407)
2020-04-21 00:00:00
RHEL 7 : php (RHSA-2020:1112)
2020-03-31 00:00:00
Oracle Linux 7 : php (ELSA-2020-1112)
2023-09-07 00:00:00
centos
centos
php security update
2020-04-08 19:04:38
debian
debian
[SECURITY] [DLA 1373-1] php5 security update
2018-05-09 19:09:30
[SECURITY] [DLA 1251-1] php5 security update
2018-01-20 15:25:36
[SECURITY] [DLA 1397-1] php5 security update
2018-06-26 18:41:29
redhat
redhat
(RHSA-2020:1112) Moderate: php security update
2020-03-31 09:20:14
fedora
fedora
[SECURITY] Fedora 27 Update: php-7.1.17-1.fc27
2018-05-04 08:20:24
[SECURITY] Fedora 26 Update: php-7.1.17-1.fc26
2018-05-03 15:23:45
[SECURITY] Fedora 28 Update: php-7.2.5-1.fc28
2018-05-03 15:27:57
slackware
slackware
[slackware-security] php
2018-05-17 04:21:18
[slackware-security] php
2018-02-04 07:16:29
amazon
amazon
Medium: php56, php70, php71
2018-05-10 18:23:00
Medium: php56, php70, php71
2018-02-07 17:10:00
oraclelinux
oraclelinux
php security update
2020-04-06 00:00:00
debiancve
debiancve
CVE-2018-5712
2018-01-16 09:29:00
ubuntu
ubuntu
PHP vulnerabilities
2018-05-15 00:00:00
PHP vulnerabilities
2018-05-16 00:00:00
PHP vulnerabilities
2018-03-19 00:00:00
suse
suse
Security update for php7 (important)
2018-05-11 00:11:52
Security update for php5 (important)
2018-05-17 00:10:37
Security update for php7 (important)
2018-05-09 15:08:34
mageia
mageia
Updated php packages fix security vulnerabilities
2018-05-04 20:29:33
ibm
ibm
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
oracle
oracle
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00