View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-5712 severity moderate: SUSE including 240 source package names (apache2-mod_php5-5.5.14-109.17.1, apache2-mod_php53-5.3.17-112.20.1, …), 701 product×package rows across 21 product lines (SUSE Enterprise Storage 7.1, SUSE Liberty Linux 7, … (21 product lines)): Fixed 395, Known Not Affected 306.
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.