U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2017-11145

Change History

Initial Analysis 7/14/2017 10:59:49 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:php:php:5.6.30:*:*:*:*:*:*:* (and previous)
     *cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.1.6:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Added CWE

								
							
							
						
CWE-200
Changed Reference Type
http://openwall.com/lists/oss-security/2017/07/10/6 No Types Assigned
http://openwall.com/lists/oss-security/2017/07/10/6 Mailing List, Third Party Advisory
Changed Reference Type
http://php.net/ChangeLog-5.php No Types Assigned
http://php.net/ChangeLog-5.php Release Notes, Vendor Advisory
Changed Reference Type
http://php.net/ChangeLog-7.php No Types Assigned
http://php.net/ChangeLog-7.php Release Notes, Vendor Advisory
Changed Reference Type
https://bugs.php.net/bug.php?id=74819 No Types Assigned
https://bugs.php.net/bug.php?id=74819 Third Party Advisory
Changed Reference Type
https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 No Types Assigned
https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 Patch, Third Party Advisory