Linux Distros Unpatched Vulnerability : CVE-2018-17082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a Transfer-Encoding:...

php: Cross-site scripting (XSS) flaw in Apache2 component via body of 'Transfer-Encoding: chunked' request

A cross-site scripting XSS vulnerability in Apache2 component of PHP was found. When using 'Transfer-Encoding: chunked', the request allows remote attackers to potentially run a malicious script in a victim's browser. This vulnerability can be exploited only by producing malformed requests and it...

SUSE-SU-2018:2887-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753...

Stack overflow

Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information wa...