cpe:/a:php:php:5.6.30 cpe:/a:php:php:7.0.0 cpe:/a:php:php:7.0.1 cpe:/a:php:php:7.0.2 cpe:/a:php:php:7.0.3 cpe:/a:php:php:7.0.4 cpe:/a:php:php:7.0.5 cpe:/a:php:php:7.0.6 cpe:/a:php:php:7.0.7 cpe:/a:php:php:7.0.8 cpe:/a:php:php:7.0.9 cpe:/a:php:php:7.0.10 cpe:/a:php:php:7.0.11 cpe:/a:php:php:7.0.12 cpe:/a:php:php:7.0.13 cpe:/a:php:php:7.0.14 cpe:/a:php:php:7.0.15 cpe:/a:php:php:7.0.16 cpe:/a:php:php:7.0.17 cpe:/a:php:php:7.0.18 cpe:/a:php:php:7.0.19 cpe:/a:php:php:7.0.20 cpe:/a:php:php:7.1.0 cpe:/a:php:php:7.1.1 cpe:/a:php:php:7.1.2 cpe:/a:php:php:7.1.3 cpe:/a:php:php:7.1.4 cpe:/a:php:php:7.1.5 cpe:/a:php:php:7.1.6 CVE-2017-7890 2017-08-02T15:29:00.897-04:00 2018-05-03T21:29:09.503-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov BID 99492 DEBIAN DSA-3938 REDHAT RHSA-2018:0406 REDHAT RHSA-2018:1296 CONFIRM http://php.net/ChangeLog-5.php CONFIRM http://php.net/ChangeLog-7.php CONFIRM https://bugs.php.net/bug.php?id=74435 CONFIRM https://bugs.php.net/patch-display.php?bug=74435&patch=fix-74435-php-7.0&revision=1497970038 CONFIRM https://security.netapp.com/advisory/ntap-20180112-0001/ CONFIRM https://www.tenable.com/security/tns-2017-12 The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.