Lucene search
F5F5:K09361513HistoryAug 08, 2017 - 12:03 a.m.
PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890
2017-08-0800:03:00
support.f5.com
164
0.298 Low
EPSS
Percentile
97.0%
F5 Product Development has evaluated the currently supported releases for potential vulnerability.
To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:
| Product | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature |
|---|---|---|---|---|
| BIG-IP LTM | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | ||||
| 11.2.1 | Not vulnerable | None | ||
| BIG-IP AAM | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | Not vulnerable | None | ||
| BIG-IP AFM | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | Not vulnerable | None | ||
| BIG-IP Analytics | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | ||||
| 11.2.1 | Not vulnerable | None | ||
| BIG-IP APM | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | ||||
| 11.2.1 | Not vulnerable | None | ||
| BIG-IP ASM | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | ||||
| 11.2.1 | Not vulnerable | None | ||
| BIG-IP DNS | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | Not vulnerable | None | ||
| BIG-IP Edge Gateway | None | 11.2.1 | Not vulnerable | None |
| BIG-IP GTM | None | 11.4.1 - 11.6.1 | ||
| 11.2.1 | Not vulnerable | None | ||
| BIG-IP Link Controller | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | ||||
| 11.2.1 | Not vulnerable | None | ||
| BIG-IP PEM | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.4.1 - 11.6.1 | Not vulnerable | None | ||
| BIG-IP PSM | None | 11.4.1 | Not vulnerable | None |
| BIG-IP WebAccelerator | None | 11.2.1 | Not vulnerable | None |
| BIG-IP WebSafe | None | 13.0.0 | ||
| 12.0.0 - 12.1.2 | ||||
| 11.6.0 - 11.6.1 | Not vulnerable | None | ||
| ARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None |
| Enterprise Manager | None | 3.1.1 | Not vulnerable | None |
| BIG-IQ Cloud | None | 4.4.0 - 4.5.0 | Not vulnerable | None |
| BIG-IQ Device | None | 4.4.0 - 4.5.0 | Not vulnerable | None |
| BIG-IQ Security | None | 4.4.0 - 4.5.0 | Not vulnerable | None |
| BIG-IQ ADC | None | 4.5.0 | Not vulnerable | None |
| BIG-IQ Centralized Management | None | 5.0.0 - 5.3.0 | ||
| 4.6.0 | Not vulnerable | None | ||
| BIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None |
| F5 iWorkflow | None | 2.0.0 - 2.2.0 | Not vulnerable | None |
| LineRate | None | 2.5.0 - 2.6.2 | Not vulnerable | None |
| Traffix SDC | None | 5.0.0 - 5.1.0 | ||
| 4.0.0 - 4.4.0 | Not vulnerable | None |
None
Related
f5
f5
K01709026 : PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226
2017-08-07 00:00:00
cvelist
cvelist
CVE-2017-9226
2017-05-24 15:00:00
CVE-2017-7890
2017-08-02 19:00:00
debiancve
debiancve
CVE-2017-9226
2017-05-24 15:29:00
CVE-2017-7890
2017-08-02 19:29:00
checkpoint_advisories
checkpoint_advisories
Oniguruma Project Memory Corruption (CVE-2017-9226)
2020-09-24 00:00:00
PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)
2017-08-10 00:00:00
prion
prion
Heap overflow
2017-05-24 15:29:00
Information disclosure
2017-08-02 19:29:00
veracode
veracode
Out-of-Bounds Write
2019-05-16 02:59:59
Information Disclosure
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
osv
osv
CVE-2017-9226
2017-05-24 15:29:00
CVE-2017-7890
2017-08-02 19:29:00
libgd2 - security update
2017-08-12 00:00:00
redhatcve
redhatcve
CVE-2017-9226
2017-06-30 11:21:15
CVE-2017-7890
2017-07-21 19:18:29
nvd
nvd
CVE-2017-9226
2017-05-24 15:29:00
CVE-2017-7890
2017-08-02 19:29:00
ubuntucve
ubuntucve
CVE-2017-9226
2017-05-24 00:00:00
CVE-2017-7890
2017-08-02 00:00:00
centos
centos
php security update
2018-03-10 01:07:54
openvas
openvas
Ubuntu: Security Advisory (USN-3389-2)
2022-08-26 00:00:00
CentOS Update for php CESA-2018:0406 centos7
2018-03-14 00:00:00
Ubuntu: Security Advisory (USN-3389-1)
2018-10-26 00:00:00
ubuntu
ubuntu
GD vulnerability
2017-08-14 00:00:00
GD vulnerability
2017-08-14 00:00:00
PHP vulnerabilities
2017-12-18 00:00:00
nessus
nessus
EulerOS Virtualization 2.5.0 : php (EulerOS-SA-2018-1249)
2018-09-18 00:00:00
RHEL 7 : php (RHSA-2018:0406)
2018-03-07 00:00:00
Oracle Linux 7 : php (ELSA-2018-0406)
2018-03-08 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2018:0406) Moderate: php security update
2018-03-06 18:36:35
debian
debian
[SECURITY] [DLA 1055-1] libgd2 security update
2017-08-12 21:36:16
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:19
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:19
alpinelinux
alpinelinux
CVE-2017-7890
2017-08-02 19:29:00
CVE-2017-9226
2017-05-24 15:29:00
freebsd
freebsd
php-gd and gd -- Buffer over-read into uninitialized memory
2017-08-02 00:00:00
oniguruma -- multiple vulnerabilities
2017-07-06 00:00:00
cve
cve
CVE-2017-7890
2017-08-02 19:29:00
CVE-2017-9226
2017-05-24 15:29:00
oraclelinux
oraclelinux
php security update
2018-03-07 00:00:00
mageia
mageia
Updated php and libgd packages fix security vulnerabilities
2017-08-08 01:16:24
amazon
amazon
Medium: php70
2017-08-03 20:38:00
Important: oniguruma
2023-10-12 15:09:00
Medium: php56
2017-08-17 18:16:00
slackware
slackware
[slackware-security] gd
2018-04-19 01:44:39
[slackware-security] php
2017-07-08 00:39:45
fedora
fedora
[SECURITY] Fedora 26 Update: gd-2.2.5-1.fc26
2017-09-02 22:27:10
[SECURITY] Fedora 27 Update: gd-2.2.5-1.fc27
2017-09-30 07:21:04
[SECURITY] Fedora 25 Update: gd-2.2.5-1.fc25
2017-09-06 20:52:42
hackerone
hackerone
altlinux
altlinux
Security fix for the ALT Linux 8 package oniguruma version 6.4.0-alt1
2017-07-12 00:00:00
suse
suse
Security update for php7 (important)
2017-09-04 12:07:53
Security update for php7 (important)
2017-08-30 19:30:52
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45