Lucene search

K

Veracode Vulnerability DatabaseVERACODE:21331

HistoryAug 20, 2019 - 12:10 a.m.

Cross-site Scripting (XSS)

2019-08-2000:10:41

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

15

EPSS

0.003

Percentile

68.0%

PHP is vulnerable to Cross-site scripting (XSS). It is due to a flaw in Apache2 component via body of ‘Transfer-Encoding: chunked’ request.

References

php.net/ChangeLog-5.php

php.net/ChangeLog-7.php

access.redhat.com/errata/RHSA-2019:2519

access.redhat.com/security/updates/classification/#moderate

bugs.php.net/bug.php?id=76582

github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e

lists.debian.org/debian-lts-announce/2018/09/msg00020.html

security.gentoo.org/glsa/201812-01

security.netapp.com/advisory/ntap-20180924-0001/

www.debian.org/security/2018/dsa-4353

EPSS

0.003

Percentile

68.0%

Related for VERACODE:21331

suse3 nessus31 alpinelinux1 nvd1 cvelist1 prion1 openvas17 ubuntucve1 debian2 debiancve1 f51 osv3 cve1 ibm2 fedora3 amazon1 redhatcve1 hackerone1 checkpoint_advisories1 gentoo1 redhat1 rosalinux1