Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/42466?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42466?format=api", "vulnerability_id": "VCID-x2s3-ku1g-gfgh", "summary": "Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service.", "aliases": [ { "alias": "CVE-2024-4577" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/426115?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/426116?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=armhf&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=armhf&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/426117?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=armv7&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=armv7&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/426118?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=ppc64le&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/426119?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=s390x&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=s390x&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/426120?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=x86&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=x86&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/426121?format=api", "purl": "pkg:apk/alpine/php81@8.1.29-r0?arch=x86_64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php81@8.1.29-r0%3Farch=x86_64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544751?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=ppc64le&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544748?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544749?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=armhf&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=armhf&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544750?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=armv7&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=armv7&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544752?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=s390x&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=s390x&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544753?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=x86&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=x86&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/544754?format=api", "purl": "pkg:apk/alpine/php82@8.2.20-r0?arch=x86_64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.20-r0%3Farch=x86_64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402718?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402719?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=armhf&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=armhf&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402720?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=armv7&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=armv7&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402721?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=ppc64le&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402722?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=s390x&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=s390x&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402723?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=x86&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=x86&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/402724?format=api", "purl": "pkg:apk/alpine/php83@8.3.8-r0?arch=x86_64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=x86_64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/935089?format=api", "purl": "pkg:deb/debian/php7.4@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/935086?format=api", "purl": "pkg:deb/debian/php7.4@7.4.33-1%2Bdeb11u5?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php7.4@7.4.33-1%252Bdeb11u5%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/935109?format=api", "purl": "pkg:deb/debian/php8.2@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/935107?format=api", "purl": "pkg:deb/debian/php8.2@8.2.29-1~deb12u1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php8.2@8.2.29-1~deb12u1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/76062?format=api", "purl": "pkg:ebuild/dev-lang/php@8.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76063?format=api", "purl": "pkg:ebuild/dev-lang/php@8.1.29", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.1.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/76064?format=api", "purl": "pkg:ebuild/dev-lang/php@8.2.20", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.2.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/76065?format=api", "purl": "pkg:ebuild/dev-lang/php@8.3.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@8.3.8" } ], "affected_packages": [], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4577.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4577.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94374", "scoring_system": "epss", "scoring_elements": "0.99966", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.94374", "scoring_system": "epss", "scoring_elements": "0.99967", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4577" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/07/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1" }, { "reference_url": "https://github.com/rapid7/metasploit-framework/pull/19247", "reference_id": "19247", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/rapid7/metasploit-framework/pull/19247" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291281", "reference_id": "2291281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291281" }, { "reference_url": "https://isc.sans.edu/diary/30994", "reference_id": "30994", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://isc.sans.edu/diary/30994" }, { "reference_url": "https://www.php.net/ChangeLog-8.php#8.1.29", "reference_id": "ChangeLog-8.php#8.1.29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.php.net/ChangeLog-8.php#8.1.29" }, { "reference_url": "https://www.php.net/ChangeLog-8.php#8.2.20", "reference_id": "ChangeLog-8.php#8.2.20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.php.net/ChangeLog-8.php#8.2.20" }, { "reference_url": "https://www.php.net/ChangeLog-8.php#8.3.8", "reference_id": "ChangeLog-8.php#8.3.8", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.php.net/ChangeLog-8.php#8.3.8" }, { "reference_url": "https://github.com/11whoami99/CVE-2024-4577", "reference_id": "CVE-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/11whoami99/CVE-2024-4577" }, { "reference_url": "https://github.com/watchtowrlabs/CVE-2024-4577", "reference_id": "CVE-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/watchtowrlabs/CVE-2024-4577" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52331.py", "reference_id": "CVE-2024-4577", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52331.py" }, { "reference_url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE", "reference_id": "CVE-2024-4577-PHP-RCE", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE" }, { "reference_url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html", "reference_id": "cve-2024-4577-yet-another-php-rce.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv", "reference_id": "GHSA-3qgc-jrrr-25jv", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv" }, { "reference_url": "https://security.gentoo.org/glsa/202408-32", "reference_id": "GLSA-202408-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-32" }, { "reference_url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/", "reference_id": "imperva-protects-against-critical-php-vulnerability-cve-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/" }, { "reference_url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/", "reference_id": "no-way-php-strikes-again-cve-2024-4577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0008/", "reference_id": "ntap-20240621-0008", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0008/" }, { "reference_url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/", "reference_id": "php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/", "reference_id": "PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/" }, { "reference_url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/", "reference_id": "security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "reference_id": "W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" }, { "reference_url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately", "reference_id": "warning-php-remote-code-execution-patch-immediately", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/" } ], "url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately" } ], "weaknesses": [ { "cwe_id": 78, "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "description": "The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." } ], "exploits": [ { "date_added": "2025-06-15", "description": "PHP CGI Module 8.3.4 - Remote Code Execution (RCE)", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": false, "source_date_published": "2025-06-15", "exploit_type": "webapps", "platform": "php", "source_date_updated": "2025-06-15", "data_source": "Exploit-DB", "source_url": "" }, { "date_added": "2024-06-12", "description": "PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.", "required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "due_date": "2024-07-03", "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://www.php.net/ChangeLog-8.php#; https://nvd.nist.gov/vuln/detail/CVE-2024-4577", "known_ransomware_campaign_use": true, "source_date_published": null, "exploit_type": null, "platform": null, "source_date_updated": null, "data_source": "KEV", "source_url": null }, { "date_added": null, "description": "This module exploits a PHP CGI argument injection vulnerability affecting PHP in certain configurations\n on a Windows target. A vulnerable configuration is locale dependant (such as Chinese or Japanese), such that\n the Unicode best-fit conversion scheme will unexpectedly convert a soft hyphen (0xAD) into a dash (0x2D)\n character. Additionally a target web server must be configured to run PHP under CGI mode, or directly expose\n the PHP binary. This issue has been fixed in PHP 8.3.8 (for the 8.3.x branch), 8.2.20 (for the 8.2.x branch),\n and 8.1.29 (for the 8.1.x branch). PHP 8.0.x and below are end of life and have note received patches.\n\n XAMPP is vulnerable in a default configuration, and we can target the /php-cgi/php-cgi.exe endpoint. To target\n an explicit .php endpoint (e.g. /index.php), the server must be configured to run PHP scripts in CGI mode.", "required_action": null, "due_date": null, "notes": "Stability:\n - crash-safe\nReliability:\n - repeatable-session\nSideEffects:\n - ioc-in-logs\n", "known_ransomware_campaign_use": false, "source_date_published": "2024-06-06", "exploit_type": null, "platform": "PHP,Windows", "source_date_updated": null, "data_source": "Metasploit", "source_url": "https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/http/php_cgi_arg_injection_rce_cve_2024_4577.rb" } ], "severity_range_score": "9.8 - 9.8", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x2s3-ku1g-gfgh" }