exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 19

CVE-2024-8927

10 месяцев назад

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-8927

10 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-8927

10 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-8927

9 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-8927

10 месяцев назад

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before ...

CVSS3: 7.5

EPSS: Низкий

GHSA-94p6-54jq-9mwp

10 месяцев назад

cgi.force_redirect configuration is bypassable due to the environment variable collision

CVSS3: 5.3

EPSS: Низкий

BDU:2024-07679

10 месяцев назад

Уязвимость сценария cgi.force_redirect интерпретатора языка программирования PHP, позволяющая нарушителю обойти существующие ограничения безопасности

CVSS3: 9.8

EPSS: Низкий

SUSE-SU-2024:3733-1

10 месяцев назад

Security update for php7

EPSS: Низкий

SUSE-SU-2024:3732-1

10 месяцев назад

Security update for php74

EPSS: Низкий

SUSE-SU-2024:3729-1

10 месяцев назад

Security update for php8

EPSS: Низкий

SUSE-SU-2024:3664-1

10 месяцев назад

Security update for php8

EPSS: Низкий

ELSA-2024-10951

8 месяцев назад

ELSA-2024-10951: php:8.2 security update (MODERATE)

EPSS: Низкий

ELSA-2024-10950

8 месяцев назад

ELSA-2024-10950: php:8.1 security update (MODERATE)

EPSS: Низкий

ELSA-2024-10949

8 месяцев назад

ELSA-2024-10949: php:8.2 security update (MODERATE)

EPSS: Низкий

ROS-20241015-15

10 месяцев назад

Множественные уязвимости php

CVSS3: 9.8

EPSS: Низкий

ROS-20241015-14

10 месяцев назад

Множественные уязвимости php

CVSS3: 9.8

EPSS: Низкий

ROS-20241015-11

10 месяцев назад

Множественные уязвимости php

CVSS3: 9.8

EPSS: Низкий

ELSA-2025-7315

3 месяца назад

ELSA-2025-7315: php security update (MODERATE)

EPSS: Низкий

ELSA-2024-10952

8 месяцев назад

ELSA-2024-10952: php:7.4 security update (MODERATE)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP.	CVSS3: 7.5	0% Низкий	10 месяцев назад
CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP.	CVSS3: 7.5	0% Низкий	10 месяцев назад
CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP.	CVSS3: 7.5	0% Низкий	10 месяцев назад
CVE-2024-8927	CVSS3: 7.5	0% Низкий	9 месяцев назад
CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before ...	CVSS3: 7.5	0% Низкий	10 месяцев назад
GHSA-94p6-54jq-9mwp cgi.force_redirect configuration is bypassable due to the environment variable collision	CVSS3: 5.3	0% Низкий	10 месяцев назад
BDU:2024-07679 Уязвимость сценария cgi.force_redirect интерпретатора языка программирования PHP, позволяющая нарушителю обойти существующие ограничения безопасности	CVSS3: 9.8	0% Низкий	10 месяцев назад
SUSE-SU-2024:3733-1 Security update for php7			10 месяцев назад
SUSE-SU-2024:3732-1 Security update for php74			10 месяцев назад
SUSE-SU-2024:3729-1 Security update for php8			10 месяцев назад
SUSE-SU-2024:3664-1 Security update for php8			10 месяцев назад
ELSA-2024-10951 ELSA-2024-10951: php:8.2 security update (MODERATE)			8 месяцев назад
ELSA-2024-10950 ELSA-2024-10950: php:8.1 security update (MODERATE)			8 месяцев назад
ELSA-2024-10949 ELSA-2024-10949: php:8.2 security update (MODERATE)			8 месяцев назад
ROS-20241015-15 Множественные уязвимости php	CVSS3: 9.8		10 месяцев назад
ROS-20241015-14 Множественные уязвимости php	CVSS3: 9.8		10 месяцев назад
ROS-20241015-11 Множественные уязвимости php	CVSS3: 9.8		10 месяцев назад
ELSA-2025-7315 ELSA-2025-7315: php security update (MODERATE)			3 месяца назад
ELSA-2024-10952 ELSA-2024-10952: php:7.4 security update (MODERATE)			8 месяцев назад

Уязвимостей на страницу