Skip to content
This repository was archived by the owner on Sep 21, 2025. It is now read-only.

Commit 85f582c

Browse files
lightswitch05lightswitch05
committed
Automatic github actions updates. Changes found @lightswitch05 
1 parent f36f042 commit 85f582c

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

docs/rules-v1.json

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
2-
"lastUpdatedDate": "2025-06-19T02:52:14+0000",
2+
"lastUpdatedDate": "2025-06-19T13:38:57+0000",
33
"name": "PHP Version Audit",
44
"website": "https://github.com/lightswitch05/php-version-audit",
55
"licence": "https://github.com/lightswitch05/php-version-audit/blob/master/LICENSE",
@@ -4039,7 +4039,7 @@
40394039
"id": "CVE-2024-1874",
40404040
"baseScore": null,
40414041
"publishedDate": "2024-04-29T04:15:00+0000",
4042-
"lastModifiedDate": "2025-02-13T18:16:00+0000",
4042+
"lastModifiedDate": "2025-06-18T21:12:00+0000",
40434043
"description": "In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell."
40444044
},
40454045
"CVE-2024-2756": {
@@ -4053,14 +4053,14 @@
40534053
"id": "CVE-2024-2757",
40544054
"baseScore": null,
40554055
"publishedDate": "2024-04-29T04:15:00+0000",
4056-
"lastModifiedDate": "2025-02-13T18:17:00+0000",
4056+
"lastModifiedDate": "2025-06-18T21:11:00+0000",
40574057
"description": "In PHP 8.3.* before 8.3.5, function\u00a0mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function."
40584058
},
40594059
"CVE-2024-3096": {
40604060
"id": "CVE-2024-3096",
40614061
"baseScore": null,
40624062
"publishedDate": "2024-04-29T04:15:00+0000",
4063-
"lastModifiedDate": "2025-02-13T18:18:00+0000",
4063+
"lastModifiedDate": "2025-06-18T21:10:00+0000",
40644064
"description": "In PHP\u00a0 version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if\u00a0a password stored with password_hash() starts with a null byte (\\x00), testing a blank string as the password via password_verify() will incorrectly return true."
40654065
},
40664066
"CVE-2024-4577": {

0 commit comments

Comments
 (0)