CVE-2024-4577 (GCVE-0-2024-4577)
Vulnerability from cvelistv5
Published
2024-06-09 19:42
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
References
Impacted products
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2024-06-12
Due date: 2024-07-03
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Used in ransomware: Known
Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://www.php.net/ChangeLog-8.php#; https://nvd.nist.gov/vuln/detail/CVE-2024-4577
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:php_group:php:8.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "php",
"vendor": "php_group",
"versions": [
{
"lessThan": "8.1.29",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:php_group:php:8.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "php",
"vendor": "php_group",
"versions": [
{
"lessThan": "8.2.20",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:php_group:php:8.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "php",
"vendor": "php_group",
"versions": [
{
"lessThan": "8.3.8",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4577",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-15T03:55:28.430189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-06-12",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4577"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:16.089Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4577"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-12T00:00:00+00:00",
"value": "CVE-2024-4577 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-14T01:24:54.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577"
},
{
"url": "https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577"
},
{
"url": "https://blog.talosintelligence.com/new-persistent-attacks-japan/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/11whoami99/CVE-2024-4577"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/19247"
},
{
"tags": [
"x_transferred"
],
"url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/watchtowrlabs/CVE-2024-4577"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.php.net/ChangeLog-8.php#8.1.29"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.php.net/ChangeLog-8.php#8.2.20"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.php.net/ChangeLog-8.php#8.3.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately"
},
{
"tags": [
"x_transferred"
],
"url": "https://isc.sans.edu/diary/30994"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0008/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"CGI"
],
"platforms": [
"Windows"
],
"product": "PHP",
"repo": "https://github.com/php/php-src",
"vendor": "PHP Group",
"versions": [
{
"lessThan": "8.1.29",
"status": "affected",
"version": "8.1.*",
"versionType": "semver"
},
{
"lessThan": "8.2.20",
"status": "affected",
"version": "8.2.*",
"versionType": "semver"
},
{
"lessThan": "8.3.8",
"status": "affected",
"version": "8.3.*",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This problem is only present in Windows versions of PHP running in CGI mode, in systems where a codepage using \"Best Fit\" strategy is enabled.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "This problem is only present in Windows versions of PHP running in CGI mode, in systems where a codepage using \"Best Fit\" strategy is enabled."
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Orange Tsai, DEVCORE Research Team"
}
],
"datePublic": "2024-06-09T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHP versions\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBest-Fit\" behavior to replace characters in command line given to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWin32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e"
}
],
"value": "In PHP versions\u00a08.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to\u00a0Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:08:41.387Z",
"orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
"shortName": "php"
},
"references": [
{
"url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv"
},
{
"url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html"
},
{
"url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/"
},
{
"url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/"
},
{
"url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/"
},
{
"url": "https://github.com/11whoami99/CVE-2024-4577"
},
{
"url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE"
},
{
"url": "https://github.com/rapid7/metasploit-framework/pull/19247"
},
{
"url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/"
},
{
"url": "https://github.com/watchtowrlabs/CVE-2024-4577"
},
{
"url": "https://www.php.net/ChangeLog-8.php#8.1.29"
},
{
"url": "https://www.php.net/ChangeLog-8.php#8.2.20"
},
{
"url": "https://www.php.net/ChangeLog-8.php#8.3.8"
},
{
"url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately"
},
{
"url": "https://isc.sans.edu/diary/30994"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0008/"
}
],
"source": {
"advisory": "GHSA-3qgc-jrrr-25jv",
"discovery": "EXTERNAL"
},
"title": "Argument Injection in PHP-CGI",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
"assignerShortName": "php",
"cveId": "CVE-2024-4577",
"datePublished": "2024-06-09T19:42:36.464Z",
"dateReserved": "2024-05-06T22:21:01.742Z",
"dateUpdated": "2025-10-21T23:05:16.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2024-4577",
"cwes": "[\"CWE-78\"]",
"dateAdded": "2024-06-12",
"dueDate": "2024-07-03",
"knownRansomwareCampaignUse": "Known",
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://www.php.net/ChangeLog-8.php#; https://nvd.nist.gov/vuln/detail/CVE-2024-4577",
"product": "PHP",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.",
"vendorProject": "PHP Group",
"vulnerabilityName": "PHP-CGI OS Command Injection Vulnerability"
},
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"affected\", \"modules\": [\"CGI\"], \"platforms\": [\"Windows\"], \"product\": \"PHP\", \"repo\": \"https://github.com/php/php-src\", \"vendor\": \"PHP Group\", \"versions\": [{\"lessThan\": \"8.1.29\", \"status\": \"affected\", \"version\": \"8.1.*\", \"versionType\": \"semver\"}, {\"lessThan\": \"8.2.20\", \"status\": \"affected\", \"version\": \"8.2.*\", \"versionType\": \"semver\"}, {\"lessThan\": \"8.3.8\", \"status\": \"affected\", \"version\": \"8.3.*\", \"versionType\": \"semver\"}]}], \"configurations\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"This problem is only present in Windows versions of PHP running in CGI mode, in systems where a codepage using \\\"Best Fit\\\" strategy is enabled.\u0026nbsp;\u003cbr\u003e\"}], \"value\": \"This problem is only present in Windows versions of PHP running in CGI mode, in systems where a codepage using \\\"Best Fit\\\" strategy is enabled.\"}], \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Orange Tsai, DEVCORE Research Team\"}], \"datePublic\": \"2024-06-09T19:30:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"In PHP versions\u003cspan style=\\\"background-color: var(--wht);\\\"\u003e\u0026nbsp;8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \\\"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eBest-Fit\\\" behavior to replace characters in command line given to\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eWin32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003e\u003cbr\u003e\u003c/span\u003e\"}], \"value\": \"In PHP versions\\u00a08.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \\\"Best-Fit\\\" behavior to replace characters in command line given to\\u00a0Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"dd77f84a-d19a-4638-8c3d-a322d820ed2b\", \"shortName\": \"php\", \"dateUpdated\": \"2024-06-21T19:08:41.387Z\"}, \"references\": [{\"url\": \"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv\"}, {\"url\": \"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html\"}, {\"url\": \"https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/\"}, {\"url\": \"https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/\"}, {\"url\": \"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/\"}, {\"url\": \"https://github.com/11whoami99/CVE-2024-4577\"}, {\"url\": \"https://github.com/xcanwin/CVE-2024-4577-PHP-RCE\"}, {\"url\": \"https://github.com/rapid7/metasploit-framework/pull/19247\"}, {\"url\": \"https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/\"}, {\"url\": \"https://github.com/watchtowrlabs/CVE-2024-4577\"}, {\"url\": \"https://www.php.net/ChangeLog-8.php#8.1.29\"}, {\"url\": \"https://www.php.net/ChangeLog-8.php#8.2.20\"}, {\"url\": \"https://www.php.net/ChangeLog-8.php#8.3.8\"}, {\"url\": \"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately\"}, {\"url\": \"https://isc.sans.edu/diary/30994\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/07/1\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0008/\"}], \"source\": {\"advisory\": \"GHSA-3qgc-jrrr-25jv\", \"discovery\": \"EXTERNAL\"}, \"title\": \"Argument Injection in PHP-CGI\", \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-03-14T01:24:54.997Z\"}, \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577\"}, {\"url\": \"https://blog.talosintelligence.com/new-persistent-attacks-japan/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://github.com/11whoami99/CVE-2024-4577\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://github.com/xcanwin/CVE-2024-4577-PHP-RCE\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://github.com/rapid7/metasploit-framework/pull/19247\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://github.com/watchtowrlabs/CVE-2024-4577\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://www.php.net/ChangeLog-8.php#8.1.29\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://www.php.net/ChangeLog-8.php#8.2.20\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://www.php.net/ChangeLog-8.php#8.3.8\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://isc.sans.edu/diary/30994\"}, {\"tags\": [\"x_transferred\"], \"url\": \"http://www.openwall.com/lists/oss-security/2024/06/07/1\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/\"}, {\"tags\": [\"x_transferred\"], \"url\": \"https://security.netapp.com/advisory/ntap-20240621-0008/\"}], \"title\": \"CVE Program Container\", \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4577\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-15T03:55:28.430189Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-06-12\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4577\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:php_group:php:8.1.0:*:*:*:*:*:*:*\"], \"vendor\": \"php_group\", \"product\": \"php\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.1.0\", \"lessThan\": \"8.1.29\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:2.3:a:php_group:php:8.2.0:*:*:*:*:*:*:*\"], \"vendor\": \"php_group\", \"product\": \"php\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.2.0\", \"lessThan\": \"8.2.20\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:2.3:a:php_group:php:8.3.0:*:*:*:*:*:*:*\"], \"vendor\": \"php_group\", \"product\": \"php\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.3.0\", \"lessThan\": \"8.3.8\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-10T13:01:38.182Z\"}, \"timeline\": [{\"time\": \"2024-06-12T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2024-4577 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-4577\", \"assignerOrgId\": \"dd77f84a-d19a-4638-8c3d-a322d820ed2b\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"php\", \"dateReserved\": \"2024-05-06T22:21:01.742Z\", \"datePublished\": \"2024-06-09T19:42:36.464Z\", \"dateUpdated\": \"2025-07-28T19:43:15.379Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…