Lucene search
GoogleOSV:BIT-PHP-2024-1874HistoryMay 14, 2024 - 7:29 a.m.
BIT-php-2024-1874
2024-05-1407:29:52
Google
osv.dev
23
php
version 8
proc_open command
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
Related
ubuntucve
ubuntucve
CVE-2024-1874
2024-04-29 00:00:00
redhatcve
redhatcve
CVE-2024-1874
2024-04-15 14:50:00
alpinelinux
alpinelinux
CVE-2024-1874
2024-04-29 04:15:07
cve
cve
CVE-2024-1874
2024-04-29 04:15:07
cvelist
cvelist
osv
osv
CVE-2024-1874
2024-04-29 04:15:07
process: command injection via argument list on Windows
2024-04-09 22:14:47
debiancve
debiancve
CVE-2024-1874
2024-04-29 04:15:07
openvas
openvas
Slackware: Security Advisory (SSA:2024-103-01)
2024-04-15 00:00:00
Mageia: Security Advisory (MGASA-2024-0132)
2024-04-15 00:00:00
nessus
nessus
PHP 8.2.x < 8.2.18 Multiple Vulnerabilities
2024-04-11 00:00:00
Fedora 38 : php (2024-39d50cc975)
2024-04-19 00:00:00
slackware
slackware
[slackware-security] php
2024-04-12 19:36:41
cert
cert
mageia
mageia
Updated php packages fix security vulnerabilities
2024-04-13 19:56:38
fedora
fedora
[SECURITY] Fedora 39 Update: php-8.2.18-1.fc39
2024-04-19 01:18:35
[SECURITY] Fedora 38 Update: php-8.2.18-1.fc38
2024-04-19 02:53:20
[SECURITY] Fedora 40 Update: php-8.3.6-1.fc40
2024-04-19 21:43:53
freebsd
freebsd
php -- Multiple vulnerabilities
2024-04-11 00:00:00
thn
thn
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks
2024-04-10 03:05:00