{"id":"CVE-2018-17082","details":"The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a \"Transfer-Encoding: chunked\" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.","modified":"2026-04-11T14:54:31.913561Z","published":"2018-09-16T15:29:00.253Z","related":["SUSE-SU-2018:2887-1","SUSE-SU-2018:3016-1","SUSE-SU-2018:3017-1","SUSE-SU-2018:3018-1","SUSE-SU-2022:4067-1","openSUSE-SU-2024:11167-1","openSUSE-SU-2024:11169-1"],"references":[{"type":"WEB","url":"https://www.tenable.com/security/tns-2019-07"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-7.php"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201812-01"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180924-0001/"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-5.php"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4353"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=76582"},{"type":"FIX","url":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"fixed":"b0822792c8d4c8d535ea1beb8ea63025496668e7"},{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"cff4562e6dfe5db877504f310bf00e00198fbb73"},{"introduced":"0221e9f827632942225586687a33cfd554860d5e"},{"fixed":"7f6558bf5d54cc03ad8cdad3c13188563c24f422"},{"introduced":"8148cbb78841c8ec0759c0836e7f35dec799d300"},{"fixed":"00d2b7a3d28d29383450fc2607c7d4fb91d57a4a"},{"introduced":"0"},{"last_affected":"5dc92c2117cafc61daaaaa240fd46c3ac33872a4"},{"fixed":"23b057742e3cf199612fa8050ae86cae675e214e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.6.38"},{"introduced":"7.0.0"},{"fixed":"7.0.32"},{"introduced":"7.1.0"},{"fixed":"7.1.22"},{"introduced":"7.2.0"},{"fixed":"7.2.10"},{"introduced":"0"},{"last_affected":"8.0"}]}}],"versions":["POST_64BIT_BRANCH_MERGE","POST_AST_MERGE","POST_PHP7_NSAPI_REMOVAL","POST_PHP7_REMOVALS","POST_PHPNG_MERGE","PRE_64BIT_BRANCH_MERGE","PRE_AST_MERGE","PRE_PHP7_EREG_MYSQL_REMOVALS","PRE_PHP7_NSAPI_REMOVAL","PRE_PHP7_REMOVALS","php-8.0.0"],"database_specific":{"vanir_signatures_modified":"2026-04-11T14:54:31Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17082.json","vanir_signatures":[{"digest":{"length":3972,"function_hash":"286714666792502187029051883559319256746"},"id":"CVE-2018-17082-68a51ab8","signature_version":"v1","signature_type":"Function","source":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e","deprecated":false,"target":{"function":"php_handler","file":"sapi/apache2handler/sapi_apache2.c"}},{"digest":{"threshold":0.9,"line_hashes":["152064786699712677301454464694779181018","29303015709440994030888303854153240592","111547859227363177804637785761047134821","289592337297551983891992604857677649335"]},"id":"CVE-2018-17082-fa554c7b","signature_version":"v1","signature_type":"Line","source":"https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e","deprecated":false,"target":{"file":"sapi/apache2handler/sapi_apache2.c"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}