SUSE-SU-2018:1936-1
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 12 Jul 2018, 09:04
Last modified:04 Feb 2026, 04:02
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
12 Jul 2018, 09:04
Published
Vulnerability first disclosed
04 Feb 2026, 04:02
Last Modified
Vulnerability information updated
Description
Security update for php7 This update for php7 fixes the following issues: - CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a use-after-free (in exif_read_from_file) because it closed a stream that it is not responsible for closing (bsc#1099098).
Affected Systems
- suse•php7&distro=SUSE Linux Enterprise Module for Web and Scripting 15
< 7.2.5-4.3.1