MGASA-2018-0390

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2018-0390.html
Import Source
https://advisories.mageia.org/MGASA-2018-0390.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2018-0390
Related
Published
2018-09-21T16:26:22Z
Modified
2018-09-21T16:04:16Z
Summary
Updated php packages fix security vulnerability
Details
  • Int Overflow lead to Heap OverFlow in exifthumbnailextract of exif.c (CVE-2018-14883)
  • heap-buffer-overflow (READ of size 48) while reading exif data (CVE-2018-14851)
  • XSS due to the header Transfer-Encoding: chunked
References
Credits

Affected packages

Mageia:6 / php

Package

Name
php
Purl
pkg:rpm/mageia/php?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.6.38-1.mga6

Ecosystem specific 

{
    "section": "core"
}