[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-5458":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":341,"aliases":351,"duplicate_of":9,"upstream":352,"downstream":353,"duplicates":390,"related":391,"reserved_at":9,"published_at":404,"modified_at":405,"state":406,"summary":407,"references_raw":415,"kevs":449,"epss":450,"epss_history":453,"metrics":714,"affected":722},"CVE-2024-5458","In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var, when validating URLs (FILTER_VALIDATE_URL), will for certain types of URLs treat invalid user information (the username + password part of URLs) as valid user information. This may lead to downstream code accepting invalid URLs as valid and parsing them incorrectly.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-345","Insufficient Verification of Data Authenticity","The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.","weakness","Draft","Class",[19,23,76,88,109,113,117,121,125,129,133,337],{"id":20,"name":21,"techniques":22},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":24,"name":25,"techniques":26},"CAPEC-141","Cache Poisoning",[27],{"id":28,"name":29,"tactics":30,"countermeasures":37},"T1557.002","ARP Cache Poisoning",[31,34],{"id":32,"name":33},"TA0031","Credential Access",{"id":35,"name":36},"TA0100","Collection",[38,43,47,51,55,59,63,67,71],{"id":39,"name":40,"tactic":41},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":42},"Detect",{"id":44,"name":45,"tactic":46},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":42},{"id":48,"name":49,"tactic":50},"D3-CSPP","Client-server Payload 
Profiling",{"name":42},{"id":52,"name":53,"tactic":54},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":42},{"id":56,"name":57,"tactic":58},"D3-NTSA","Network Traffic Signature Analysis",{"name":42},{"id":60,"name":61,"tactic":62},"D3-APCA","Application Protocol Command Analysis",{"name":42},{"id":64,"name":65,"tactic":66},"D3-NTCD","Network Traffic Community Deviation",{"name":42},{"id":68,"name":69,"tactic":70},"D3-RTSD","Remote Terminal Session Detection",{"name":42},{"id":72,"name":73,"tactic":74},"D3-NTF","Network Traffic Filtering",{"name":75},"Isolate",{"id":77,"name":78,"techniques":79},"CAPEC-142","DNS Cache Poisoning",[80],{"id":81,"name":82,"tactics":83,"countermeasures":87},"T1584.002","DNS Server",[84],{"id":85,"name":86},"TA0042","Resource Development",[],{"id":89,"name":90,"techniques":91},"CAPEC-148","Content Spoofing",[92],{"id":93,"name":94,"tactics":95,"countermeasures":99},"T1491","Defacement",[96],{"id":97,"name":98},"TA0105","Impact",[100,105],{"id":101,"name":102,"tactic":103},"D3-DNR","Decoy Network Resource",{"name":104},"Deceive",{"id":106,"name":107,"tactic":108},"D3-NRAM","Network Resource Access Mediation",{"name":75},{"id":110,"name":111,"techniques":112},"CAPEC-218","Spoofing of UDDI/ebXML Messages",[],{"id":114,"name":115,"techniques":116},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":118,"name":119,"techniques":120},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":122,"name":123,"techniques":124},"CAPEC-386","Application API Navigation Remapping",[],{"id":126,"name":127,"techniques":128},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":130,"name":131,"techniques":132},"CAPEC-388","Application API Button Hijacking",[],{"id":134,"name":135,"techniques":136},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[137,173,213],{"id":138,"name":139,"tactics":140,"countermeasures":147},"T1211","Exploitation for 
Stealth",[141,144],{"id":142,"name":143},"TA0030","Defense Evasion",{"id":145,"name":146},"TA0005","Stealth",[148,152,156,160,165,169],{"id":149,"name":150,"tactic":151},"D3-MBT","Memory Boundary Tracking",{"name":42},{"id":153,"name":154,"tactic":155},"D3-PCSV","Process Code Segment Verification",{"name":42},{"id":157,"name":158,"tactic":159},"D3-SSC","Shadow Stack Comparisons",{"name":42},{"id":161,"name":162,"tactic":163},"D3-PSEP","Process Segment Execution Prevention",{"name":164},"Harden",{"id":166,"name":167,"tactic":168},"D3-SAOR","Segment Address Offset Randomization",{"name":164},{"id":170,"name":171,"tactic":172},"D3-SFCV","Stack Frame Canary Validation",{"name":164},{"id":174,"name":175,"tactics":176,"countermeasures":182},"T1542.002","Component Firmware",[177,178,179],{"id":142,"name":143},{"id":145,"name":146},{"id":180,"name":181},"TA0110","Persistence",[183,188,192,196,200,204,208],{"id":184,"name":185,"tactic":186},"D3-SWI","Software Inventory",{"name":187},"Model",{"id":189,"name":190,"tactic":191},"D3-AVE","Asset Vulnerability Enumeration",{"name":187},{"id":193,"name":194,"tactic":195},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":42},{"id":197,"name":198,"tactic":199},"D3-FV","Firmware Verification",{"name":42},{"id":201,"name":202,"tactic":203},"D3-FBA","Firmware Behavior Analysis",{"name":42},{"id":205,"name":206,"tactic":207},"D3-SU","Software Update",{"name":164},{"id":209,"name":210,"tactic":211},"D3-RS","Restore Software",{"name":212},"Restore",{"id":214,"name":215,"tactics":216,"countermeasures":223},"T1556","Modify Authentication Process",[217,218,221,222],{"id":142,"name":143},{"id":219,"name":220},"TA0112","Defense Impairment",{"id":180,"name":181},{"id":32,"name":33},[224,228,232,236,240,244,248,252,256,260,265,269,273,277,281,285,289,293,297,301,305,309,313,317,321,325,329,333],{"id":225,"name":226,"tactic":227},"D3-CI","Configuration Inventory",{"name":187},{"id":229,"name":230,"tactic":231},"D3-NTPM","Network Traffic 
Policy Mapping",{"name":187},{"id":233,"name":234,"tactic":235},"D3-AM","Access Modeling",{"name":187},{"id":237,"name":238,"tactic":239},"D3-FA","File Analysis",{"name":42},{"id":241,"name":242,"tactic":243},"D3-FIM","File Integrity Monitoring",{"name":42},{"id":245,"name":246,"tactic":247},"D3-PLA","Process Lineage Analysis",{"name":42},{"id":249,"name":250,"tactic":251},"D3-PSMD","Process Self-Modification Detection",{"name":42},{"id":253,"name":254,"tactic":255},"D3-PSA","Process Spawn Analysis",{"name":42},{"id":257,"name":258,"tactic":259},"D3-SFA","System File Analysis",{"name":42},{"id":261,"name":262,"tactic":263},"D3-FEV","File Eviction",{"name":264},"Evict",{"id":266,"name":267,"tactic":268},"D3-PT","Process Termination",{"name":264},{"id":270,"name":271,"tactic":272},"D3-PS","Process Suspension",{"name":264},{"id":274,"name":275,"tactic":276},"D3-HR","Host Reboot",{"name":264},{"id":278,"name":279,"tactic":280},"D3-HS","Host Shutdown",{"name":264},{"id":282,"name":283,"tactic":284},"D3-DF","Decoy File",{"name":104},{"id":286,"name":287,"tactic":288},"D3-FE","File Encryption",{"name":164},{"id":290,"name":291,"tactic":292},"D3-RF","Restore File",{"name":212},{"id":294,"name":295,"tactic":296},"D3-RC","Restore Configuration",{"name":212},{"id":298,"name":299,"tactic":300},"D3-CF","Content Filtering",{"name":75},{"id":302,"name":303,"tactic":304},"D3-LFP","Local File Permissions",{"name":75},{"id":306,"name":307,"tactic":308},"D3-RFAM","Remote File Access Mediation",{"name":75},{"id":310,"name":311,"tactic":312},"D3-CQ","Content Quarantine",{"name":75},{"id":314,"name":315,"tactic":316},"D3-CM","Content Modification",{"name":75},{"id":318,"name":319,"tactic":320},"D3-KBPI","Kernel-based Process Isolation",{"name":75},{"id":322,"name":323,"tactic":324},"D3-SCF","System Call Filtering",{"name":75},{"id":326,"name":327,"tactic":328},"D3-HBPI","Hardware-based Process Isolation",{"name":75},{"id":330,"name":331,"tactic":332},"D3-ABPI","Application-based Process 
Isolation",{"name":75},{"id":334,"name":335,"tactic":336},"D3-WSAM","Web Session Access Mediation",{"name":75},{"id":338,"name":339,"techniques":340},"CAPEC-701","Browser in the Middle (BiTM)",[],[342],{"_key":343,"name":344,"source":345,"url":346,"maturity":347,"reliability_score":348,"verified":349,"type":9,"platforms":350,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_PHP_PHP-SRC","Php Src","github","https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846","poc",0.3,false,[],[],[],[354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388],{"_key":355},"SUSE-SU-2024:2027-1",{"_key":357},"SUSE-SU-2024:2037-1",{"_key":359},"SUSE-SU-2024:2038-1",{"_key":361},"SUSE-SU-2024:2039-1",{"_key":363},"OPENSUSE-SU-2024:14033-1",{"_key":365},"DLA-3833-1",{"_key":367},"DLA-3920-1",{"_key":369},"DSA-5717-1",{"_key":371},"RHSA-2024:10949",{"_key":373},"RHSA-2024:10950",{"_key":375},"RHSA-2024:10951",{"_key":377},"RHSA-2024:10952",{"_key":379},"RHSA-2025:7315",{"_key":381},"MGASA-2024-0262",{"_key":383},"UBUNTU-CVE-2024-5458",{"_key":385},"USN-6841-1",{"_key":387},"DEBIAN-CVE-2024-5458",{"_key":389},"USN-6841-2",[],[392,393,394,395,396,397,398,400,402],{"_key":355},{"_key":357},{"_key":359},{"_key":361},{"_key":363},{"_key":381},{"_key":399},"CGA-9Q75-MMFG-QH8F",{"_key":401},"CGA-MW83-3MM4-XQWQ",{"_key":403},"CGA-PPVF-RGXG-MPM2","2024-06-09T18:26:28.804Z","2025-11-03T22:32:24.445Z","Modified",{"cisa_kev":349,"cisa_ransomware":349,"cisa_vendor":9,"epss_severity":408,"epss_score":409,"severity":410,"severity_score":411,"severity_version":412,"severity_source":413,"severity_vector":414,"severity_status":406},"low",0.03579,"medium",5.3,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",[416,423,429,433,437,441,445],{"url":417,"sources":418,"tags":420},"https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w",[413,419],"nvd",[421,422],"Exploit","Vendor 
Advisory",{"url":424,"sources":425,"tags":426},"http://www.openwall.com/lists/oss-security/2024/06/07/1",[413,419],[427,428],"Mailing List","Third Party Advisory",{"url":430,"sources":431,"tags":432},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",[413,419],[428],{"url":434,"sources":435,"tags":436},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",[413,419],[],{"url":438,"sources":439,"tags":440},"https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html",[413,419],[],{"url":442,"sources":443,"tags":444},"https://security.netapp.com/advisory/ntap-20240726-0001/",[413,419],[],{"url":446,"sources":447,"tags":448},"https://lists.debian.org/debian-lts-announce/2024/10/msg00011.html",[413,419],[],[],{"date":451,"score":409,"percentile":452},"2026-06-04",0.87949,[454,457,460,463,466,469,472,475,478,481,484,487,490,492,494,498,501,504,508,511,514,516,519,521,523,525,528,531,535,538,541,544,547,550,553,556,559,562,565,568,571,574,577,579,582,585,588,591,593,595,597,600,603,605,609,613,616,619,622,626,629,632,635,637,640,643,646,649,652,655,657,659,662,665,668,671,674,676,679,682,685,688,691,694,697,700,703,706,709,711],{"date":455,"score":409,"percentile":456},"2025-11-04",0.87234,{"date":458,"score":409,"percentile":459},"2025-11-05",0.87236,{"date":461,"score":409,"percentile":462},"2025-11-06",0.87233,{"date":464,"score":409,"percentile":465},"2025-11-07",0.8724,{"date":467,"score":409,"percentile":468},"2025-11-08",0.87244,{"date":470,"score":409,"percentile":471},"2025-11-09",0.87238,{"date":473,"score":409,"percentile":474},"2025-11-10",0.87237,{"date":476,"score":409,"percentile":477},"2025-11-11",0.87243,{"date":479,"score":409,"percentile":480},"2025-11-12",0.87248,{"date":482,"score":409,"percentile":483},"2025-11-13",0.87253,{"date":485,"score":409,"percentile":486},"2025-11-14",0.87255,{"dat
e":488,"score":409,"percentile":489},"2025-11-15",0.87251,{"date":491,"score":409,"percentile":486},"2025-11-16",{"date":493,"score":409,"percentile":489},"2025-11-17",{"date":495,"score":496,"percentile":497},"2025-11-18",0.00757,0.71085,{"date":499,"score":496,"percentile":500},"2025-11-19",0.71092,{"date":502,"score":496,"percentile":503},"2025-11-20",0.71102,{"date":505,"score":506,"percentile":507},"2025-11-21",0.03241,0.86626,{"date":509,"score":506,"percentile":510},"2025-11-22",0.86621,{"date":512,"score":506,"percentile":513},"2025-11-23",0.86615,{"date":515,"score":409,"percentile":483},"2025-11-24",{"date":517,"score":409,"percentile":518},"2025-11-25",0.87254,{"date":520,"score":409,"percentile":483},"2025-11-26",{"date":522,"score":409,"percentile":486},"2025-11-27",{"date":524,"score":409,"percentile":477},"2025-11-28",{"date":526,"score":409,"percentile":527},"2025-11-29",0.87317,{"date":529,"score":409,"percentile":530},"2025-11-30",0.87316,{"date":532,"score":533,"percentile":534},"2025-12-01",0.0238,0.84547,{"date":536,"score":533,"percentile":537},"2025-12-02",0.8455,{"date":539,"score":533,"percentile":540},"2025-12-03",0.84551,{"date":542,"score":409,"percentile":543},"2025-12-04",0.87314,{"date":545,"score":409,"percentile":546},"2025-12-05",0.87318,{"date":548,"score":409,"percentile":549},"2025-12-06",0.87315,{"date":551,"score":409,"percentile":552},"2025-12-07",0.87309,{"date":554,"score":409,"percentile":555},"2025-12-08",0.87311,{"date":557,"score":409,"percentile":558},"2025-12-09",0.87322,{"date":560,"score":409,"percentile":561},"2025-12-10",0.87339,{"date":563,"score":409,"percentile":564},"2025-12-11",0.87345,{"date":566,"score":409,"percentile":567},"2025-12-12",0.87349,{"date":569,"score":409,"percentile":570},"2025-12-13",0.87348,{"date":572,"score":409,"percentile":573},"2025-12-14",0.87342,{"date":575,"score":409,"percentile":576},"2025-12-15",0.87341,{"date":578,"score":409,"percentile":567},"2025-12-16",{"date":580,"score":409
,"percentile":581},"2025-12-17",0.87352,{"date":583,"score":409,"percentile":584},"2025-12-18",0.87361,{"date":586,"score":409,"percentile":587},"2025-12-19",0.87362,{"date":589,"score":409,"percentile":590},"2025-12-20",0.8736,{"date":592,"score":409,"percentile":590},"2025-12-21",{"date":594,"score":409,"percentile":584},"2025-12-22",{"date":596,"score":409,"percentile":587},"2025-12-23",{"date":598,"score":409,"percentile":599},"2025-12-24",0.8737,{"date":601,"score":409,"percentile":602},"2025-12-25",0.87383,{"date":604,"score":409,"percentile":602},"2025-12-26",{"date":606,"score":607,"percentile":608},"2025-12-27",0.02815,0.85762,{"date":610,"score":611,"percentile":612},"2025-12-28",0.04305,0.88506,{"date":614,"score":611,"percentile":615},"2025-12-29",0.88501,{"date":617,"score":611,"percentile":618},"2025-12-30",0.88508,{"date":620,"score":611,"percentile":621},"2025-12-31",0.88517,{"date":623,"score":624,"percentile":625},"2026-01-01",0.02872,0.85923,{"date":627,"score":624,"percentile":628},"2026-01-02",0.85925,{"date":630,"score":624,"percentile":631},"2026-01-03",0.85922,{"date":633,"score":611,"percentile":634},"2026-01-04",0.8851,{"date":636,"score":611,"percentile":612},"2026-01-05",{"date":638,"score":611,"percentile":639},"2026-01-06",0.88511,{"date":641,"score":611,"percentile":642},"2026-01-07",0.88514,{"date":644,"score":611,"percentile":645},"2026-01-08",0.8852,{"date":647,"score":611,"percentile":648},"2026-01-09",0.88524,{"date":650,"score":611,"percentile":651},"2026-01-10",0.88526,{"date":653,"score":611,"percentile":654},"2026-01-11",0.88519,{"date":656,"score":611,"percentile":621},"2026-01-12",{"date":658,"score":611,"percentile":642},"2026-01-13",{"date":660,"score":611,"percentile":661},"2026-01-14",0.88528,{"date":663,"score":611,"percentile":664},"2026-01-15",0.8853,{"date":666,"score":611,"percentile":667},"2026-01-16",0.88536,{"date":669,"score":611,"percentile":670},"2026-01-17",0.88538,{"date":672,"score":611,"percentile":673},"2
026-01-18",0.88537,{"date":675,"score":611,"percentile":667},"2026-01-19",{"date":677,"score":611,"percentile":678},"2026-01-20",0.88539,{"date":680,"score":611,"percentile":681},"2026-01-21",0.88543,{"date":683,"score":611,"percentile":684},"2026-01-22",0.88548,{"date":686,"score":611,"percentile":687},"2026-01-23",0.88562,{"date":689,"score":611,"percentile":690},"2026-01-24",0.8857,{"date":692,"score":611,"percentile":693},"2026-01-25",0.88566,{"date":695,"score":611,"percentile":696},"2026-01-26",0.88568,{"date":698,"score":611,"percentile":699},"2026-01-27",0.88569,{"date":701,"score":611,"percentile":702},"2026-01-28",0.88571,{"date":704,"score":611,"percentile":705},"2026-01-29",0.88576,{"date":707,"score":611,"percentile":708},"2026-01-30",0.8858,{"date":710,"score":611,"percentile":708},"2026-01-31",{"date":712,"score":624,"percentile":713},"2026-02-01",0.85981,[715,720],{"source":413,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":716,"cvss_v4_0":9},{"baseScore":411,"baseSeverity":717,"vectorString":414,"impactScore":718,"exploitabilityScore":719},"MEDIUM",2.3,10,{"source":419,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":721,"cvss_v4_0":9},{"baseScore":411,"baseSeverity":717,"vectorString":414,"impactScore":718,"exploitabilityScore":719},[723,731,749],{"ecosystem":9,"name":724,"vendor":725,"product":724,"cpe_part":726,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":727},"fedora","fedoraproject","o",[728],{"version":729,"is_range":349,"range_type":730,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"40","cpe",{"ecosystem":9,"name":732,"vendor":9,"product":732,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":733},"PHP",[734,741,745],{"version":735,"is_range":736,"range_type":413,"version_start":737,"version_start_type":738,"version_end":739,"version_end_type":740,"fixed_in":9},">= 8.1.*, \u003C 
8.1.29",true,"8.1.*","including","8.1.29","excluding",{"version":742,"is_range":736,"range_type":413,"version_start":743,"version_start_type":738,"version_end":744,"version_end_type":740,"fixed_in":9},">= 8.2.*, \u003C 8.2.20","8.2.*","8.2.20",{"version":746,"is_range":736,"range_type":413,"version_start":747,"version_start_type":738,"version_end":748,"version_end_type":740,"fixed_in":9},">= 8.3.*, \u003C 8.3.8","8.3.*","8.3.8",{"ecosystem":9,"name":732,"vendor":9,"product":732,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":750},[751,755,759,763,766,769],{"version":752,"is_range":736,"range_type":730,"version_start":753,"version_start_type":738,"version_end":754,"version_end_type":738,"fixed_in":9},"gte7.3.27_lte7.3.33","7.3.27","7.3.33",{"version":756,"is_range":736,"range_type":730,"version_start":757,"version_start_type":738,"version_end":758,"version_end_type":738,"fixed_in":9},"gte7.4.15_lte7.4.33","7.4.15","7.4.33",{"version":760,"is_range":736,"range_type":730,"version_start":761,"version_start_type":738,"version_end":762,"version_end_type":738,"fixed_in":9},"gte8.0.2_lte8.0.30","8.0.2","8.0.30",{"version":764,"is_range":736,"range_type":730,"version_start":765,"version_start_type":738,"version_end":739,"version_end_type":740,"fixed_in":9},"gte8.1.0_lt8.1.29","8.1.0",{"version":767,"is_range":736,"range_type":730,"version_start":768,"version_start_type":738,"version_end":744,"version_end_type":740,"fixed_in":9},"gte8.2.0_lt8.2.20","8.2.0",{"version":770,"is_range":736,"range_type":730,"version_start":771,"version_start_type":738,"version_end":748,"version_end_type":740,"fixed_in":9},"gte8.3.0_lt8.3.8","8.3.0"]