22 matches found
Apache2 - Transfer-Encoding Chunked XSS
Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a reflected cross-site scripting vulnerability caused by mishandling of chunked transfer-encoding requests in sapi/apache2handler/sapiapache2.c. Attackers can execute malicious scripts via crafted...
Linux Distros Unpatched Vulnerability : CVE-2018-17082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a Transfer-Encoding:...
K89095152: PHP vulnerability CVE-2018-17082
Security Advisory Description The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the phphandler function in...
demircihotel.com Cross Site Scripting vulnerability OBB-2662072
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE: Security Advisory (SUSE-SU-2018:3016-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2887-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3017-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: rh-php71-php security, bug fix, and enhancement update
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in PHP (CVE-2018-17082)
Summary IBM Advanced Management Module AMM has addressed the following vulnerability in PHP. Vulnerability Details CVEID: CVE-2018-17082 DESCRIPTION: PHP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Apache2 component. A remote attacker could...
SUSE SLES12 Security Update : php7 (SUSE-SU-2018:2887-1)
This update for php7 fixes the following issues : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753. Note that Tenable Network Security has extracted the...
SUSE SLES12 Security Update : php5 (SUSE-SU-2018:3017-1)
This update for php5 fixes the following issue : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 Note that Tenable Network Security has extracted the...
[SECURITY] [DSA 4353-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4353-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2018 https://www.debian.org/security/faq -...
GLSA-201812-01 : PHP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201812-01 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the referenced CVE identifiers for details. Impact : An attacker could cause a Denial of Service condition or obtain...
openSUSE: Security Advisory for php7 (openSUSE-SU-2018:3062-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Amazon Linux AMI : php56 / php70, php71, php72 (ALAS-2018-1090)
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade is mishandled in the phphandler function in sapi/apache2handler/sapiapache2.c. CVE-2018-17082...
openSUSE Security Update : php5 (openSUSE-2018-1130)
This update for php5 fixes the following issue : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This update was imported from the SUSE:SLE-12:Update...
SUSE SLES11 Security Update : php53 (SUSE-SU-2018:3018-1)
This update for php53 fixes the following issue : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 Note that Tenable Network Security has extracted the...
openSUSE Security Update : php7 (openSUSE-2018-1131)
This update for php7 fixes the following issues : This security issue was fixed : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security...
openSUSE: Security Advisory for php5 (openSUSE-SU-2018:3056-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for php7 (openSUSE-SU-2018:2929-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...