PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 889
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
CVE-2024-5585
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
GHSA-hh26-4ppw-5864
PHP is vulnerable to the Marvin Attack
BDU:2024-04432
Уязвимость интерпретатора языка программирования PHP, существующая из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системмы, позволяющая нарушителю выполнить произвольный код
CVE-2024-3096
In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true.
CVE-2024-3096
In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before ...
CVE-2024-2757
In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.
CVE-2024-2757
In PHP 8.3.* before 8.3.5, functionmb_encode_mimeheader() runs endless ...
CVE-2024-1874
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
CVE-2024-1874
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2024-4577 In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. | CVSS3: 9.8 | 94% Критический | почти 2 года назад |
| CVE-2024-5585 In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell. | CVSS3: 8.8 | 1% Низкий | почти 2 года назад |
| GHSA-hh26-4ppw-5864 PHP is vulnerable to the Marvin Attack | CVSS3: 5.9 | 0% Низкий | почти 2 года назад |
 | BDU:2024-04432 Уязвимость интерпретатора языка программирования PHP, существующая из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системмы, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.1 | 94% Критический | почти 2 года назад |
 | CVE-2024-3096 In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true. | CVSS3: 6.5 | 1% Низкий | почти 2 года назад |
| CVE-2024-3096 In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before ... | CVSS3: 6.5 | 1% Низкий | почти 2 года назад |
| CVE-2024-2757 In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function. | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
| CVE-2024-2757 In PHP 8.3.* before 8.3.5, functionmb_encode_mimeheader() runs endless ... | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
| CVE-2024-1874 In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell. | CVSS3: 9.4 | 63% Средний | почти 2 года назад |
| CVE-2024-1874 In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before ... | CVSS3: 9.4 | 63% Средний | почти 2 года назад |
Уязвимостей на страницу