Version 5640 Vulnerabilities Link [extra Quality] | Php

Version 5.6.40 was released in January 2019, and it has many known security issues because it reached end-of-life on December 31, 2018 (no more security patches).

• PHP official website: https://www.php.net/
• PHP version 5.6.40 changelog: https://github.com/php/php-src/blob/php-5.6.40/NEWS
• PHP security documentation: https://www.php.net/manual/en/security.php

• A table of 70+ known CVEs that apply to 5.6.40.
• Severity scores (CVSS v2 and v3).
• Exploit availability links (Metasploit, Exploit-DB).
• References to patch commits (which are irrelevant now, as there are no patches).

Official Sources

1. 1. CVE-2018-14851: A vulnerability in the exif extension that could allow remote attackers to cause a denial of service (DoS) or potentially execute arbitrary code.
   2. CVE-2018-14852: A vulnerability in the exif extension that could allow remote attackers to cause a DoS or potentially execute arbitrary code.
   3. CVE-2018-7208: A vulnerability in the gif2h function that could allow remote attackers to cause a DoS.

   Benefits: