vulnerability

Amazon Linux AMI: CVE-2018-10548: Security patch for php56, php70, php71 (ALAS-2018-1019)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	2018-04-29	2018-05-11	2020-04-16

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

2018-04-29

Added

2018-05-11

Modified

2020-04-16

Description

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

Solution(s)

amazon-linux-upgrade--php70amazon-linux-upgrade--php71amazon-linux-upgrade-php56

References

AMAZON-ALAS-2018-1019
UBUNTU-USN-3646-1
UBUNTU-USN-3646-2
DEBIAN-DSA-4240
NVD-CVE-2018-10548

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today