Skip to content
This repository was archived by the owner on Sep 21, 2025. It is now read-only.

Commit 596f355

Browse files
lightswitch05lightswitch05
committed
Automatic github actions updates. Changes found @lightswitch05 
1 parent 8c50c0a commit 596f355

1 file changed

Lines changed: 10 additions & 3 deletions

File tree

docs/rules-v1.json

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
11
{
2-
"lastUpdatedDate": "2025-03-29T02:26:14+0000",
2+
"lastUpdatedDate": "2025-03-29T13:29:19+0000",
33
"name": "PHP Version Audit",
44
"website": "https://github.com/lightswitch05/php-version-audit",
55
"licence": "https://github.com/lightswitch05/php-version-audit/blob/master/LICENSE",
66
"source": "https://www.github.developerdan.com/php-version-audit/rules-v1.json",
77
"releasesCount": 519,
8-
"cveCount": 358,
8+
"cveCount": 359,
99
"supportVersionsCount": 23,
1010
"latestVersion": "8.4.5",
1111
"latestVersions": {
@@ -5863,7 +5863,7 @@
58635863
"id": "CVE-2024-4577",
58645864
"baseScore": 9.8,
58655865
"publishedDate": "2024-06-09T20:15:00+0000",
5866-
"lastModifiedDate": "2025-03-21T20:18:00+0000",
5866+
"lastModifiedDate": "2025-03-28T15:12:00+0000",
58675867
"description": "In PHP versions\u00a08.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to\u00a0Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc."
58685868
},
58695869
"CVE-2024-5458": {
@@ -5942,6 +5942,13 @@
59425942
"publishedDate": "2024-11-24T01:15:00+0000",
59435943
"lastModifiedDate": "2024-11-26T18:29:00+0000",
59445944
"description": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape()\u00a0function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write."
5945+
},
5946+
"CVE-2025-1217": {
5947+
"id": "CVE-2025-1217",
5948+
"baseScore": null,
5949+
"publishedDate": "2025-03-29T06:15:00+0000",
5950+
"lastModifiedDate": "2025-03-29T06:15:00+0000",
5951+
"description": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc."
59455952
}
59465953
}
59475954
}

0 commit comments

Comments
 (0)