CVE-2018-5712
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-5712
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5712.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-5712
- Related
- Published
- 2018-01-16T09:29:00Z
- Modified
- 2024-09-03T02:17:50.890048Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
- References
-
- http://php.net/ChangeLog-5.php
- http://php.net/ChangeLog-7.php
- http://www.securityfocus.com/bid/102742
- http://www.securityfocus.com/bid/104020
- http://www.securitytracker.com/id/1040363
- https://access.redhat.com/errata/RHSA-2018:1296
- https://access.redhat.com/errata/RHSA-2019:2519
- https://bugs.php.net/bug.php?id=74782
- https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html
- https://usn.ubuntu.com/3566-1/
- https://usn.ubuntu.com/3600-1/
- https://usn.ubuntu.com/3600-2/
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://security.alpinelinux.org/vuln/CVE-2018-5712
Affected packages
Alpine:v3.4 / php5
Package
- Name
- php5
- Purl
- pkg:apk/alpine/php5?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.6.36-r0
Affected versions
5.*
5.2.8-r0
5.2.8-r1
5.2.9-r0
5.2.10-r0
5.2.10-r2
5.2.10-r3
5.2.10-r4
5.2.11-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.0-r3
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.1-r3
5.3.1-r4
5.3.1-r5
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.3-r0
5.3.3-r1
5.3.3-r2
5.3.3-r3
5.3.3-r4
5.3.3-r5
5.3.4-r0
5.3.4-r1
5.3.4-r2
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.3.5-r3
5.3.5-r4
5.3.5-r5
5.3.5-r6
5.3.5-r7
5.3.6-r0
5.3.6-r1
5.3.6-r2
5.3.6-r3
5.3.6-r4
5.3.6-r5
5.3.6-r6
5.3.6-r7
5.3.6-r8
5.3.6-r9
5.3.6-r10
5.3.6-r11
5.3.7-r0
5.3.7-r1
5.3.8-r0
5.3.8-r1
5.3.8-r2
5.3.9-r0
5.3.9-r1
5.3.10-r0
5.3.10-r1
5.3.10-r2
5.3.10-r3
5.3.10-r4
5.3.10-r5
5.3.12-r0
5.3.12-r1
5.3.12-r2
5.3.12-r3
5.3.15-r3
5.3.16-r0
5.3.17-r0
5.3.18-r0
5.3.19-r0
5.3.20-r0
5.3.20-r1
5.3.21-r1
5.3.21-r2
5.3.23-r0
5.3.23-r1
5.4.14-r0
5.4.14-r1
5.4.14-r2
5.4.14-r3
5.4.15-r0
5.4.15-r1
5.4.16-r0
5.4.17-r0
5.4.17-r1
5.4.19-r0
5.4.20-r0
5.5.4-r0
5.5.4-r1
5.5.5-r0
5.5.5-r1
5.5.5-r2
5.5.6-r0
5.5.6-r1
5.5.7-r0
5.5.8-r0
5.5.8-r1
5.5.9-r0
5.5.10-r0
5.5.11-r0
5.5.11-r1
5.5.12-r0
5.5.13-r0
5.5.13-r1
5.5.13-r2
5.5.13-r3
5.5.13-r4
5.5.14-r0
5.5.15-r0
5.5.15-r1
5.5.16-r0
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.4-r0
5.6.5-r0
5.6.5-r1
5.6.6-r0
5.6.7-r0
5.6.7-r1
5.6.8-r0
5.6.8-r1
5.6.9-r0
5.6.9-r1
5.6.10-r0
5.6.11-r0
5.6.12-r0
5.6.13-r0
5.6.14-r0
5.6.15-r0
5.6.15-r1
5.6.15-r2
5.6.15-r3
5.6.16-r0
5.6.17-r0
5.6.18-r0
5.6.18-r1
5.6.19-r0
5.6.19-r1
5.6.20-r0
5.6.21-r0
5.6.21-r1
5.6.21-r2
5.6.23-r0
5.6.24-r0
5.6.25-r0
5.6.26-r0
5.6.27-r0
5.6.28-r0
5.6.29-r0
5.6.30-r0
5.6.31-r0
5.6.33-r0
5.6.34-r0
5.6.35-r0
Alpine:v3.5 / php5
Package
- Name
- php5
- Purl
- pkg:apk/alpine/php5?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.6.36-r0
Affected versions
5.*
5.2.8-r0
5.2.8-r1
5.2.9-r0
5.2.10-r0
5.2.10-r2
5.2.10-r3
5.2.10-r4
5.2.11-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.0-r3
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.1-r3
5.3.1-r4
5.3.1-r5
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.3-r0
5.3.3-r1
5.3.3-r2
5.3.3-r3
5.3.3-r4
5.3.3-r5
5.3.4-r0
5.3.4-r1
5.3.4-r2
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.3.5-r3
5.3.5-r4
5.3.5-r5
5.3.5-r6
5.3.5-r7
5.3.6-r0
5.3.6-r1
5.3.6-r2
5.3.6-r3
5.3.6-r4
5.3.6-r5
5.3.6-r6
5.3.6-r7
5.3.6-r8
5.3.6-r9
5.3.6-r10
5.3.6-r11
5.3.7-r0
5.3.7-r1
5.3.8-r0
5.3.8-r1
5.3.8-r2
5.3.9-r0
5.3.9-r1
5.3.10-r0
5.3.10-r1
5.3.10-r2
5.3.10-r3
5.3.10-r4
5.3.10-r5
5.3.12-r0
5.3.12-r1
5.3.12-r2
5.3.12-r3
5.3.15-r3
5.3.16-r0
5.3.17-r0
5.3.18-r0
5.3.19-r0
5.3.20-r0
5.3.20-r1
5.3.21-r1
5.3.21-r2
5.3.23-r0
5.3.23-r1
5.4.14-r0
5.4.14-r1
5.4.14-r2
5.4.14-r3
5.4.15-r0
5.4.15-r1
5.4.16-r0
5.4.17-r0
5.4.17-r1
5.4.19-r0
5.4.20-r0
5.5.4-r0
5.5.4-r1
5.5.5-r0
5.5.5-r1
5.5.5-r2
5.5.6-r0
5.5.6-r1
5.5.7-r0
5.5.8-r0
5.5.8-r1
5.5.9-r0
5.5.10-r0
5.5.11-r0
5.5.11-r1
5.5.12-r0
5.5.13-r0
5.5.13-r1
5.5.13-r2
5.5.13-r3
5.5.13-r4
5.5.14-r0
5.5.15-r0
5.5.15-r1
5.5.16-r0
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.4-r0
5.6.5-r0
5.6.5-r1
5.6.6-r0
5.6.7-r0
5.6.7-r1
5.6.8-r0
5.6.8-r1
5.6.9-r0
5.6.9-r1
5.6.10-r0
5.6.11-r0
5.6.12-r0
5.6.13-r0
5.6.14-r0
5.6.15-r0
5.6.15-r1
5.6.15-r2
5.6.15-r3
5.6.16-r0
5.6.17-r0
5.6.18-r0
5.6.18-r1
5.6.19-r0
5.6.19-r1
5.6.20-r0
5.6.21-r0
5.6.21-r1
5.6.21-r2
5.6.22-r0
5.6.23-r0
5.6.24-r0
5.6.25-r0
5.6.25-r1
5.6.26-r0
5.6.26-r1
5.6.27-r0
5.6.28-r0
5.6.29-r0
5.6.29-r1
5.6.30-r0
5.6.31-r0
5.6.32-r0
5.6.33-r0
5.6.34-r0
5.6.35-r0