cvelist/2018/5xxx/CVE-2018-5712.json

{
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-5712",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "USN-3600-1",
                "refsource": "UBUNTU",
                "url": "https://usn.ubuntu.com/3600-1/"
            },
            {
                "name": "1040363",
                "refsource": "SECTRACK",
                "url": "http://www.securitytracker.com/id/1040363"
            },
            {
                "name": "104020",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/104020"
            },
            {
                "name": "RHSA-2018:1296",
                "refsource": "REDHAT",
                "url": "https://access.redhat.com/errata/RHSA-2018:1296"
            },
            {
                "name": "http://php.net/ChangeLog-5.php",
                "refsource": "CONFIRM",
                "url": "http://php.net/ChangeLog-5.php"
            },
            {
                "name": "USN-3566-1",
                "refsource": "UBUNTU",
                "url": "https://usn.ubuntu.com/3566-1/"
            },
            {
                "name": "http://php.net/ChangeLog-7.php",
                "refsource": "CONFIRM",
                "url": "http://php.net/ChangeLog-7.php"
            },
            {
                "name": "[debian-lts-announce] 20180120 [SECURITY] [DLA 1251-1] php5 security update",
                "refsource": "MLIST",
                "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"
            },
            {
                "name": "https://bugs.php.net/bug.php?id=74782",
                "refsource": "CONFIRM",
                "url": "https://bugs.php.net/bug.php?id=74782"
            },
            {
                "name": "102742",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/102742"
            },
            {
                "name": "USN-3600-2",
                "refsource": "UBUNTU",
                "url": "https://usn.ubuntu.com/3600-2/"
            },
            {
                "refsource": "REDHAT",
                "name": "RHSA-2019:2519",
                "url": "https://access.redhat.com/errata/RHSA-2019:2519"
            },
            {
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                "refsource": "MISC",
                "name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            }
        ]
    }
}
- Synchronized data. 2018-01-16 04:04:11 -05:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "cve@mitre.org",`
			`"ID": "CVE-2018-5712",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"product": {`
			`"product_data": [`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"product_name": "n/a",`
			`"version": {`
			`"version_data": [`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"version_value": "n/a"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"vendor_name": "n/a"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`}`
			`]`
			`}`
			`},`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Synchronized data. 2018-01-16 04:04:11 -05:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"lang": "eng",`
			`"value": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file."`
- Synchronized data. 2018-01-16 04:04:11 -05:00			`}`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`]`
			`},`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"problemtype": {`
			`"problemtype_data": [`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"description": [`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"lang": "eng",`
			`"value": "n/a"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`}`
			`]`
			`}`
			`]`
			`},`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"references": {`
			`"reference_data": [`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "USN-3600-1",`
			`"refsource": "UBUNTU",`
			`"url": "https://usn.ubuntu.com/3600-1/"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "1040363",`
			`"refsource": "SECTRACK",`
			`"url": "http://www.securitytracker.com/id/1040363"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "104020",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/104020"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "RHSA-2018:1296",`
			`"refsource": "REDHAT",`
			`"url": "https://access.redhat.com/errata/RHSA-2018:1296"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "http://php.net/ChangeLog-5.php",`
			`"refsource": "CONFIRM",`
			`"url": "http://php.net/ChangeLog-5.php"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "USN-3566-1",`
			`"refsource": "UBUNTU",`
			`"url": "https://usn.ubuntu.com/3566-1/"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "http://php.net/ChangeLog-7.php",`
			`"refsource": "CONFIRM",`
			`"url": "http://php.net/ChangeLog-7.php"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "[debian-lts-announce] 20180120 [SECURITY] [DLA 1251-1] php5 security update",`
			`"refsource": "MLIST",`
			`"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "https://bugs.php.net/bug.php?id=74782",`
			`"refsource": "CONFIRM",`
			`"url": "https://bugs.php.net/bug.php?id=74782"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "102742",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/102742"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"name": "USN-3600-2",`
			`"refsource": "UBUNTU",`
			`"url": "https://usn.ubuntu.com/3600-2/"`
"-Synchronized-Data." 2019-08-19 11:00:47 +00:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"refsource": "REDHAT",`
			`"name": "RHSA-2019:2519",`
			`"url": "https://access.redhat.com/errata/RHSA-2019:2519"`
Bill Situ <Bill.Situ@Oracle.com> On branch cna/Oracle/CPU2020Apr3rdparty Changes to be committed: modified: 2015/0xxx/CVE-2015-0254.json modified: 2015/1xxx/CVE-2015-1832.json modified: 2015/3xxx/CVE-2015-3253.json modified: 2015/7xxx/CVE-2015-7940.json modified: 2015/9xxx/CVE-2015-9251.json modified: 2016/0xxx/CVE-2016-0701.json modified: 2016/1000xxx/CVE-2016-1000031.json modified: 2016/10xxx/CVE-2016-10244.json modified: 2016/10xxx/CVE-2016-10251.json modified: 2016/10xxx/CVE-2016-10328.json modified: 2016/2xxx/CVE-2016-2183.json modified: 2016/2xxx/CVE-2016-2381.json modified: 2016/3xxx/CVE-2016-3092.json modified: 2016/4xxx/CVE-2016-4000.json modified: 2016/4xxx/CVE-2016-4463.json modified: 2016/6xxx/CVE-2016-6306.json modified: 2016/6xxx/CVE-2016-6489.json modified: 2016/7xxx/CVE-2016-7103.json modified: 2016/8xxx/CVE-2016-8610.json modified: 2017/12xxx/CVE-2017-12626.json modified: 2017/13xxx/CVE-2017-13745.json modified: 2017/14xxx/CVE-2017-14232.json modified: 2017/14xxx/CVE-2017-14735.json modified: 2017/15xxx/CVE-2017-15706.json modified: 2017/3xxx/CVE-2017-3160.json modified: 2017/5xxx/CVE-2017-5130.json modified: 2017/5xxx/CVE-2017-5529.json modified: 2017/5xxx/CVE-2017-5533.json modified: 2017/5xxx/CVE-2017-5645.json modified: 2017/5xxx/CVE-2017-5754.json modified: 2017/7xxx/CVE-2017-7857.json modified: 2017/7xxx/CVE-2017-7858.json modified: 2017/7xxx/CVE-2017-7864.json modified: 2017/8xxx/CVE-2017-8105.json modified: 2017/8xxx/CVE-2017-8287.json modified: 2018/0xxx/CVE-2018-0732.json modified: 2018/0xxx/CVE-2018-0734.json modified: 2018/0xxx/CVE-2018-0737.json modified: 2018/1000xxx/CVE-2018-1000180.json modified: 2018/1000xxx/CVE-2018-1000613.json modified: 2018/1000xxx/CVE-2018-1000632.json modified: 2018/1000xxx/CVE-2018-1000873.json modified: 2018/10xxx/CVE-2018-10237.json modified: 2018/11xxx/CVE-2018-11054.json modified: 2018/11xxx/CVE-2018-11055.json modified: 2018/11xxx/CVE-2018-11056.json modified: 2018/11xxx/CVE-2018-11057.json modified: 2018/11xxx/CVE-2018-11058.json modified: 2018/11xxx/CVE-2018-11307.json modified: 2018/11xxx/CVE-2018-11775.json modified: 2018/11xxx/CVE-2018-11784.json modified: 2018/11xxx/CVE-2018-11797.json modified: 2018/12xxx/CVE-2018-12022.json modified: 2018/12xxx/CVE-2018-12023.json modified: 2018/14xxx/CVE-2018-14718.json modified: 2018/14xxx/CVE-2018-14719.json modified: 2018/14xxx/CVE-2018-14720.json modified: 2018/14xxx/CVE-2018-14721.json modified: 2018/15xxx/CVE-2018-15756.json modified: 2018/15xxx/CVE-2018-15769.json modified: 2018/17xxx/CVE-2018-17197.json modified: 2018/18xxx/CVE-2018-18227.json modified: 2018/18xxx/CVE-2018-18311.json modified: 2018/18xxx/CVE-2018-18873.json modified: 2018/19xxx/CVE-2018-19139.json modified: 2018/19xxx/CVE-2018-19360.json modified: 2018/19xxx/CVE-2018-19361.json modified: 2018/19xxx/CVE-2018-19362.json modified: 2018/19xxx/CVE-2018-19539.json modified: 2018/19xxx/CVE-2018-19540.json modified: 2018/19xxx/CVE-2018-19541.json modified: 2018/19xxx/CVE-2018-19542.json modified: 2018/19xxx/CVE-2018-19543.json modified: 2018/19xxx/CVE-2018-19622.json modified: 2018/19xxx/CVE-2018-19623.json modified: 2018/19xxx/CVE-2018-19624.json modified: 2018/19xxx/CVE-2018-19625.json modified: 2018/19xxx/CVE-2018-19626.json modified: 2018/19xxx/CVE-2018-19627.json modified: 2018/19xxx/CVE-2018-19628.json modified: 2018/1xxx/CVE-2018-1165.json modified: 2018/1xxx/CVE-2018-1258.json modified: 2018/1xxx/CVE-2018-1304.json modified: 2018/1xxx/CVE-2018-1305.json modified: 2018/1xxx/CVE-2018-1320.json modified: 2018/1xxx/CVE-2018-1336.json modified: 2018/20xxx/CVE-2018-20346.json modified: 2018/20xxx/CVE-2018-20506.json modified: 2018/20xxx/CVE-2018-20570.json modified: 2018/20xxx/CVE-2018-20584.json modified: 2018/20xxx/CVE-2018-20622.json modified: 2018/20xxx/CVE-2018-20843.json modified: 2018/20xxx/CVE-2018-20852.json modified: 2018/5xxx/CVE-2018-5407.json modified: 2018/5xxx/CVE-2018-5711.json modified: 2018/5xxx/CVE-2018-5712.json modified: 2018/6xxx/CVE-2018-6942.json modified: 2018/8xxx/CVE-2018-8014.json modified: 2018/8xxx/CVE-2018-8032.json modified: 2018/8xxx/CVE-2018-8034.json modified: 2018/8xxx/CVE-2018-8036.json modified: 2018/8xxx/CVE-2018-8037.json modified: 2018/8xxx/CVE-2018-8039.json modified: 2018/9xxx/CVE-2018-9055.json modified: 2018/9xxx/CVE-2018-9154.json modified: 2018/9xxx/CVE-2018-9252.json modified: 2019/0xxx/CVE-2019-0196.json modified: 2019/0xxx/CVE-2019-0197.json modified: 2019/0xxx/CVE-2019-0199.json modified: 2019/0xxx/CVE-2019-0211.json modified: 2019/0xxx/CVE-2019-0215.json modified: 2019/0xxx/CVE-2019-0217.json modified: 2019/0xxx/CVE-2019-0220.json modified: 2019/0xxx/CVE-2019-0221.json modified: 2019/0xxx/CVE-2019-0222.json modified: 2019/0xxx/CVE-2019-0227.json modified: 2019/0xxx/CVE-2019-0228.json modified: 2019/0xxx/CVE-2019-0232.json modified: 2019/1010xxx/CVE-2019-1010238.json modified: 2019/10xxx/CVE-2019-10072.json modified: 2019/10xxx/CVE-2019-10081.json modified: 2019/10xxx/CVE-2019-10082.json modified: 2019/10xxx/CVE-2019-10086.json modified: 2019/10xxx/CVE-2019-10088.json modified: 2019/10xxx/CVE-2019-10092.json modified: 2019/10xxx/CVE-2019-10093.json modified: 2019/10xxx/CVE-2019-10094.json modified: 2019/10xxx/CVE-2019-10097.json modified: 2019/10xxx/CVE-2019-10098.json modified: 2019/10xxx/CVE-2019-10173.json modified: 2019/10xxx/CVE-2019-10246.json modified: 2019/10xxx/CVE-2019-10247.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/12xxx/CVE-2019-12086.json modified: 2019/12xxx/CVE-2019-12384.json modified: 2019/12xxx/CVE-2019-12387.json modified: 2019/12xxx/CVE-2019-12402.json modified: 2019/12xxx/CVE-2019-12406.json modified: 2019/12xxx/CVE-2019-12415.json modified: 2019/12xxx/CVE-2019-12418.json modified: 2019/12xxx/CVE-2019-12419.json modified: 2019/12xxx/CVE-2019-12855.json modified: 2019/13xxx/CVE-2019-13057.json modified: 2019/13xxx/CVE-2019-13565.json modified: 2019/13xxx/CVE-2019-13990.json modified: 2019/14xxx/CVE-2019-14379.json modified: 2019/14xxx/CVE-2019-14439.json modified: 2019/14xxx/CVE-2019-14540.json modified: 2019/14xxx/CVE-2019-14821.json modified: 2019/14xxx/CVE-2019-14889.json modified: 2019/15xxx/CVE-2019-15161.json modified: 2019/15xxx/CVE-2019-15162.json modified: 2019/15xxx/CVE-2019-15163.json modified: 2019/15xxx/CVE-2019-15164.json modified: 2019/15xxx/CVE-2019-15165.json modified: 2019/15xxx/CVE-2019-15601.json modified: 2019/15xxx/CVE-2019-15604.json modified: 2019/15xxx/CVE-2019-15605.json modified: 2019/15xxx/CVE-2019-15606.json modified: 2019/15xxx/CVE-2019-15903.json modified: 2019/16xxx/CVE-2019-16056.json modified: 2019/16xxx/CVE-2019-16168.json modified: 2019/16xxx/CVE-2019-16335.json modified: 2019/16xxx/CVE-2019-16942.json modified: 2019/16xxx/CVE-2019-16943.json modified: 2019/17xxx/CVE-2019-17091.json modified: 2019/17xxx/CVE-2019-17195.json modified: 2019/17xxx/CVE-2019-17359.json modified: 2019/17xxx/CVE-2019-17531.json modified: 2019/17xxx/CVE-2019-17563.json modified: 2019/17xxx/CVE-2019-17571.json modified: 2019/18xxx/CVE-2019-18197.json modified: 2019/19xxx/CVE-2019-19242.json modified: 2019/19xxx/CVE-2019-19244.json modified: 2019/19xxx/CVE-2019-19269.json modified: 2019/19xxx/CVE-2019-19317.json modified: 2019/19xxx/CVE-2019-19553.json modified: 2019/19xxx/CVE-2019-19603.json modified: 2019/19xxx/CVE-2019-19645.json modified: 2019/19xxx/CVE-2019-19646.json modified: 2019/19xxx/CVE-2019-19880.json modified: 2019/19xxx/CVE-2019-19923.json modified: 2019/19xxx/CVE-2019-19924.json modified: 2019/19xxx/CVE-2019-19925.json modified: 2019/19xxx/CVE-2019-19926.json modified: 2019/19xxx/CVE-2019-19959.json modified: 2019/1xxx/CVE-2019-1543.json modified: 2019/1xxx/CVE-2019-1547.json modified: 2019/1xxx/CVE-2019-1549.json modified: 2019/1xxx/CVE-2019-1552.json modified: 2019/1xxx/CVE-2019-1563.json modified: 2019/20xxx/CVE-2019-20218.json modified: 2019/20xxx/CVE-2019-20330.json modified: 2019/5xxx/CVE-2019-5427.json modified: 2019/5xxx/CVE-2019-5435.json modified: 2019/5xxx/CVE-2019-5436.json modified: 2019/5xxx/CVE-2019-5443.json modified: 2019/5xxx/CVE-2019-5481.json modified: 2019/5xxx/CVE-2019-5482.json modified: 2019/8xxx/CVE-2019-8457.json modified: 2019/9xxx/CVE-2019-9517.json modified: 2020/5xxx/CVE-2020-5397.json modified: 2020/5xxx/CVE-2020-5398.json modified: 2020/7xxx/CVE-2020-7044.json modified: 2020/8xxx/CVE-2020-8840.json 2020-04-14 14:04:09 -07:00			`},`
			`{`
"-Synchronized-Data." 2020-04-16 19:02:24 +00:00			`"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",`
			`"refsource": "MISC",`
			`"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"`
"-Synchronized-Data." 2019-03-17 23:41:40 +00:00			`}`
			`]`
			`}`
			`}`