CVE-2018-11756

Summary

In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationPHP Runtime for Apache OpenWhiskDocker tag openwhisk/action-php-v7.2 1.0.0affected
Apache Software FoundationPHP Runtime for Apache OpenWhiskopenwhisk/action-php-v7.1 1.0.0, 1.0.1affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References