{"id":"CVE-2018-17082","details":"The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a \"Transfer-Encoding: chunked\" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.","modified":"2026-02-24T11:28:01.085887Z","published":"2018-09-16T15:29:00.253Z","related":["SUSE-SU-2018:2887-1","SUSE-SU-2018:3016-1","SUSE-SU-2018:3017-1","SUSE-SU-2018:3018-1","SUSE-SU-2022:4067-1","openSUSE-SU-2024:11167-1","openSUSE-SU-2024:11169-1"],"references":[{"type":"WEB","url":"https://www.tenable.com/security/tns-2019-07"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-5.php"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-7.php"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"type":"ADVISORY","url":"https://bugs.php.net/bug.php?id=76582"},{"type":"ADVISORY","url":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201812-01"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180924-0001/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4353"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=76582"},{"type":"FIX","url":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html"},{"type":"EVIDENCE","url":"https://bugs.php.net/bug.php?id=76582"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"fixed":"23b057742e3cf199612fa8050ae86cae675e214e"}]}],"versions":["NEWS","NEWS-cvs2svn","php-5.3.23RC1","php-5.3.29","php-5.3.29RC1","php-5.4.30RC1","php-5.4.32RC1","php-5.4.4RC2","php-5.5.24RC1","php-5.6.18RC1","php-5.6.19RC1","php-5.6.22RC1","php-5.6.23RC1","php-5.6.24RC1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-17082.json","vanir_signatures":[{"digest":{"length":3972,"function_hash":"286714666792502187029051883559319256746"},"id":"CVE-2018-17082-68a51ab8","signature_type":"Function","deprecated":false,"source":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e","signature_version":"v1","target":{"file":"sapi/apache2handler/sapi_apache2.c","function":"php_handler"}},{"digest":{"line_hashes":["152064786699712677301454464694779181018","29303015709440994030888303854153240592","111547859227363177804637785761047134821","289592337297551983891992604857677649335"],"threshold":0.9},"id":"CVE-2018-17082-fa554c7b","signature_type":"Line","deprecated":false,"source":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e","signature_version":"v1","target":{"file":"sapi/apache2handler/sapi_apache2.c"}}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}