Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2018-15132HistoryAug 07, 2018 - 3:29 p.m.
CVE-2018-15132
2018-08-0715:29:00
Debian Security Bug Tracker
security-tracker.debian.org
13
EPSS
0.004
Percentile
72.1%
An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn’t implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | php7.0 | < 7.0.33-0+deb9u8 | php7.0_7.0.33-0+deb9u8_all.deb |
Related
cvelist
cvelist
CVE-2018-15132
2018-08-07 15:00:00
ubuntucve
ubuntucve
CVE-2018-15132
2018-08-07 00:00:00
alpinelinux
alpinelinux
CVE-2018-15132
2018-08-07 15:29:00
osv
osv
CVE-2018-15132
2018-08-07 15:29:00
cve
cve
CVE-2018-15132
2018-08-07 15:29:00
prion
prion
Design/Logic Flaw
2018-08-07 15:29:00
nvd
nvd
CVE-2018-15132
2018-08-07 15:29:00
nessus
nessus
PHP < 5.6.37 or 7.2.x < 7.2.8 Multiple Vulnerabilities (Deprecated)
2018-09-07 00:00:00
PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS
2018-07-24 00:00:00
PHP 7.1.x < 7.1.20 exif_thumbnail_extract() DoS
2018-07-24 00:00:00
openvas
openvas
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45