{"url":"http://public2.vulnerablecode.io/api/packages/139627?format=json","purl":"pkg:apk/alpine/php83@8.3.8-r0?arch=armv7&distroversion=v3.19&reponame=community","type":"apk","namespace":"alpine","name":"php83","version":"8.3.8-r0","qualifiers":{"arch":"armv7","distroversion":"v3.19","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20541?format=json","vulnerability_id":"VCID-6bm4-gsbj-3bdj","summary":"","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/06/07/1","reference_id":"1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/06/07/1"},{"reference_url":"https://github.com/rapid7/metasploit-framework/pull/19247","reference_id":"19247","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://github.com/rapid7/metasploit-framework/pull/19247"},{"reference_url":"https://isc.sans.edu/diary/30994","reference_id":"30994","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://isc.sans.edu/diary/30994"},{"reference_url":"https://www.php.net/ChangeLog-8.php#8.1.29","reference_id":"ChangeLog-8.php#8.1.29","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://www.php.net/ChangeLog-8.php#8.1.29"},{"reference_url":"https://www.php.net/ChangeLog-8.php#8.2.20","reference_id":"ChangeLog-8.php#8.2.20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://www.php.net/ChangeLog-8.php#8.2.20"},{"reference_url":"https://www.php.net/ChangeLog-8.php#8.3.8","reference_id":"ChangeLog-8.php#8.3.8","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://www.php.net/ChangeLog-8.php#8.3.8"},{"reference_url":"https://github.com/11whoami99/CVE-2024-4577","reference_id":"CVE-2024-4577","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://github.com/11whoami99/CVE-2024-4577"},{"reference_url":"https://github.com/watchtowrlabs/CVE-2024-4577","reference_id":"CVE-2024-4577","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://github.com/watchtowrlabs/CVE-2024-4577"},{"reference_url":"https://github.com/xcanwin/CVE-2024-4577-PHP-RCE","reference_id":"CVE-2024-4577-PHP-RCE","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://github.com/xcanwin/CVE-2024-4577-PHP-RCE"},{"reference_url":"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html","reference_id":"cve-2024-4577-yet-another-php-rce.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html"},{"reference_url":"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv","reference_id":"GHSA-3qgc-jrrr-25jv","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv"},{"reference_url":"https://security.gentoo.org/glsa/202408-32","reference_id":"GLSA-202408-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-32"},{"reference_url":"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/","reference_id":"imperva-protects-against-critical-php-vulnerability-cve-2024-4577","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/"},{"reference_url":"https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/","reference_id":"no-way-php-strikes-again-cve-2024-4577","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0008/","reference_id":"ntap-20240621-0008","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0008/"},{"reference_url":"https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/","reference_id":"php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/","reference_id":"PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"},{"reference_url":"https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/","reference_id":"security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/","reference_id":"W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"},{"reference_url":"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately","reference_id":"warning-php-remote-code-execution-patch-immediately","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-06-15T03:55:28Z/"}],"url":"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/139627?format=json","purl":"pkg:apk/alpine/php83@8.3.8-r0?arch=armv7&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=armv7&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2024-4577"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bm4-gsbj-3bdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/21710?format=json","vulnerability_id":"VCID-m8mg-192p-sya9","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/06/07/1","reference_id":"1","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/06/07/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072885","reference_id":"1072885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072885"},{"reference_url":"https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w","reference_id":"GHSA-w8qr-v226-r27w","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/"}],"url":"https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w"},{"reference_url":"https://security.gentoo.org/glsa/202408-32","reference_id":"GLSA-202408-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-32"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html","reference_id":"msg00009.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240726-0001/","reference_id":"ntap-20240726-0001","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240726-0001/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/","reference_id":"PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/","reference_id":"W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T19:55:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/139627?format=json","purl":"pkg:apk/alpine/php83@8.3.8-r0?arch=armv7&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=armv7&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2024-5458"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8mg-192p-sya9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php83@8.3.8-r0%3Farch=armv7&distroversion=v3.19&reponame=community"}