SUSE-SU-2018:2337-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2017-9120 CVE-2018-14851

Published: 15 Aug 2018, 11:14

Last modified:04 Feb 2026, 03:06

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Aug 2018, 11:14

Published

Vulnerability first disclosed

04 Feb 2026, 03:06

Last Modified

Vulnerability information updated

Description

Security update for php7 This update for php7 fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-14851: Fixed an out-of-bound read in exif_process_IFD_in_MAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash. (bsc#1103659) - CVE-2017-9120: Fixed an buffer overflow in mysqli_real_escape_string, which could be exploited via along string and could result in an application crash or have other unspecified impacts. (bsc#1103661)

Affected Systems

suse•php7&distro=SUSE Linux Enterprise Module for Web and Scripting 15
< 7.2.5-4.6.1

SUSE-SU-2018:2337-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)