{"affected":[{"ecosystem_specific":{"binaries":[{"apache2-mod_php7":"7.0.7-50.38.2","php7":"7.0.7-50.38.2","php7-bcmath":"7.0.7-50.38.2","php7-bz2":"7.0.7-50.38.2","php7-calendar":"7.0.7-50.38.2","php7-ctype":"7.0.7-50.38.2","php7-curl":"7.0.7-50.38.2","php7-dba":"7.0.7-50.38.2","php7-dom":"7.0.7-50.38.2","php7-enchant":"7.0.7-50.38.2","php7-exif":"7.0.7-50.38.2","php7-fastcgi":"7.0.7-50.38.2","php7-fileinfo":"7.0.7-50.38.2","php7-fpm":"7.0.7-50.38.2","php7-ftp":"7.0.7-50.38.2","php7-gd":"7.0.7-50.38.2","php7-gettext":"7.0.7-50.38.2","php7-gmp":"7.0.7-50.38.2","php7-iconv":"7.0.7-50.38.2","php7-imap":"7.0.7-50.38.2","php7-intl":"7.0.7-50.38.2","php7-json":"7.0.7-50.38.2","php7-ldap":"7.0.7-50.38.2","php7-mbstring":"7.0.7-50.38.2","php7-mcrypt":"7.0.7-50.38.2","php7-mysql":"7.0.7-50.38.2","php7-odbc":"7.0.7-50.38.2","php7-opcache":"7.0.7-50.38.2","php7-openssl":"7.0.7-50.38.2","php7-pcntl":"7.0.7-50.38.2","php7-pdo":"7.0.7-50.38.2","php7-pear":"7.0.7-50.38.2","php7-pear-Archive_Tar":"7.0.7-50.38.2","php7-pgsql":"7.0.7-50.38.2","php7-phar":"7.0.7-50.38.2","php7-posix":"7.0.7-50.38.2","php7-pspell":"7.0.7-50.38.2","php7-shmop":"7.0.7-50.38.2","php7-snmp":"7.0.7-50.38.2","php7-soap":"7.0.7-50.38.2","php7-sockets":"7.0.7-50.38.2","php7-sqlite":"7.0.7-50.38.2","php7-sysvmsg":"7.0.7-50.38.2","php7-sysvsem":"7.0.7-50.38.2","php7-sysvshm":"7.0.7-50.38.2","php7-tokenizer":"7.0.7-50.38.2","php7-wddx":"7.0.7-50.38.2","php7-xmlreader":"7.0.7-50.38.2","php7-xmlrpc":"7.0.7-50.38.2","php7-xmlwriter":"7.0.7-50.38.2","php7-xsl":"7.0.7-50.38.2","php7-zip":"7.0.7-50.38.2","php7-zlib":"7.0.7-50.38.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","name":"php7","purl":"pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.7-50.38.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"php7-devel":"7.0.7-50.38.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"php7","purl":"pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.7-50.38.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for php7 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-10545: Fix access controls in FPM child processes (bsc#1091367).\n- CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages (bsc#1091362).\n- CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c (bsc#1091363).\n- CVE-2018-10548: Fix remote denial of service in ext/ldap/ldap.c (bsc#1091355).\n","id":"SUSE-SU-2018:1176-1","modified":"2018-05-09T08:33:01Z","published":"2018-05-09T08:33:01Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20181176-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1091355"},{"type":"REPORT","url":"https://bugzilla.suse.com/1091362"},{"type":"REPORT","url":"https://bugzilla.suse.com/1091363"},{"type":"REPORT","url":"https://bugzilla.suse.com/1091367"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-10545"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-10546"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-10547"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-10548"}],"related":["CVE-2018-10545","CVE-2018-10546","CVE-2018-10547","CVE-2018-10548"],"summary":"Security update for php7","upstream":["CVE-2018-10545","CVE-2018-10546","CVE-2018-10547","CVE-2018-10548"]}