[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-8927":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":96,"aliases":106,"duplicate_of":9,"upstream":107,"downstream":108,"duplicates":145,"related":146,"reserved_at":9,"published_at":157,"modified_at":158,"state":159,"summary":160,"references_raw":168,"kevs":184,"epss":185,"epss_history":188,"metrics":455,"affected":463},"CVE-2024-8927","In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP.",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":9,"capec":25},"CWE-1220","Insufficient Granularity of Access Control","The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.","weakness","Incomplete","Base",[26,74],{"id":27,"name":28,"techniques":29},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[30],{"id":31,"name":32,"tactics":33,"countermeasures":49},"T1574.010","Services File Permissions Weakness",[34,37,40,43,46],{"id":35,"name":36},"TA0110","Persistence",{"id":38,"name":39},"TA0111","Privilege Escalation",{"id":41,"name":42},"TA0030","Defense Evasion",{"id":44,"name":45},"TA0005","Stealth",{"id":47,"name":48},"TA0104","Execution",[50,55,59,64,69],{"id":51,"name":52,"tactic":53},"D3-SWI","Software Inventory",{"name":54},"Model",{"id":56,"name":57,"tactic":58},"D3-AVE","Asset Vulnerability Enumeration",{"name":54},{"id":60,"name":61,"tactic":62},"D3-SBV","Service Binary Verification",{"name":63},"Detect",{"id":65,"name":66,"tactic":67},"D3-SU","Software Update",{"name":68},"Harden",{"id":70,"name":71,"tactic":72},"D3-RS","Restore Software",{"name":73},"Restore",{"id":75,"name":76,"techniques":77},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[78],{"id":31,"name":32,"tactics":79,"countermeasures":85},[80,81,82,83,84],{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},{"id":44,"name":45},{"id":47,"name":48},[86,88,90,92,94],{"id":51,"name":52,"tactic":87},{"name":54},{"id":56,"name":57,"tactic":89},{"name":54},{"id":60,"name":61,"tactic":91},{"name":63},{"id":65,"name":66,"tactic":93},{"name":68},{"id":70,"name":71,"tactic":95},{"name":73},[97],{"_key":98,"name":99,"source":100,"url":101,"maturity":102,"reliability_score":103,"verified":104,"type":9,"platforms":105,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_PHP_PHP-SRC","Php Src","github","https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846","poc",0.3,false,[],[],[],[109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143],{"_key":110},"SUSE-SU-2024:3732-1",{"_key":112},"SUSE-SU-2024:3664-1",{"_key":114},"SUSE-SU-2024:3729-1",{"_key":116},"SUSE-SU-2024:3733-1",{"_key":118},"OPENSUSE-SU-2024:14376-1",{"_key":120},"DLA-3920-1",{"_key":122},"DSA-5780-1",{"_key":124},"RHSA-2024:10949",{"_key":126},"RHSA-2024:10950",{"_key":128},"RHSA-2024:10951",{"_key":130},"RHSA-2024:10952",{"_key":132},"RHSA-2025:7315",{"_key":134},"MGASA-2024-0328",{"_key":136},"USN-7049-1",{"_key":138},"USN-7049-3",{"_key":140},"UBUNTU-CVE-2024-8927",{"_key":142},"DEBIAN-CVE-2024-8927",{"_key":144},"USN-7049-2",[],[147,148,149,150,151,152,153,155],{"_key":110},{"_key":112},{"_key":114},{"_key":116},{"_key":118},{"_key":134},{"_key":154},"CGA-3W5C-PPWW-3Q5V",{"_key":156},"CGA-C3PM-G68X-MW4G","2024-10-08T03:56:31.849Z","2025-11-03T22:33:09.411Z","Modified",{"cisa_kev":104,"cisa_ransomware":104,"cisa_vendor":9,"epss_severity":161,"epss_score":162,"severity":163,"severity_score":164,"severity_version":165,"severity_source":166,"severity_vector":167,"severity_status":159},"low",0.00345,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[169,176,180],{"url":170,"sources":171,"tags":173},"https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp",[166,172],"nvd",[174,175],"Exploit","Vendor Advisory",{"url":177,"sources":178,"tags":179},"https://security.netapp.com/advisory/ntap-20241101-0003/",[166,172],[],{"url":181,"sources":182,"tags":183},"https://lists.debian.org/debian-lts-announce/2024/10/msg00011.html",[166,172],[],[],{"date":186,"score":162,"percentile":187},"2026-06-04",0.57314,[189,193,197,200,204,207,210,213,216,219,222,224,226,228,231,235,238,241,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,289,292,295,298,301,304,307,310,313,316,318,321,324,327,329,332,335,338,341,344,347,351,354,357,360,363,366,369,373,376,379,382,384,387,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434,437,440,442,445,448,450,452],{"date":190,"score":191,"percentile":192},"2025-11-04",0.0045,0.62806,{"date":194,"score":195,"percentile":196},"2025-11-05",0.00412,0.60733,{"date":198,"score":195,"percentile":199},"2025-11-06",0.60738,{"date":201,"score":202,"percentile":203},"2025-11-07",0.00331,0.55471,{"date":205,"score":202,"percentile":206},"2025-11-08",0.55475,{"date":208,"score":202,"percentile":209},"2025-11-09",0.55468,{"date":211,"score":202,"percentile":212},"2025-11-10",0.55445,{"date":214,"score":202,"percentile":215},"2025-11-11",0.55457,{"date":217,"score":202,"percentile":218},"2025-11-12",0.55483,{"date":220,"score":202,"percentile":221},"2025-11-13",0.55491,{"date":223,"score":202,"percentile":221},"2025-11-14",{"date":225,"score":202,"percentile":218},"2025-11-15",{"date":227,"score":202,"percentile":209},"2025-11-16",{"date":229,"score":202,"percentile":230},"2025-11-17",0.55459,{"date":232,"score":233,"percentile":234},"2025-11-18",0.00385,0.56949,{"date":236,"score":233,"percentile":237},"2025-11-19",0.56966,{"date":239,"score":233,"percentile":240},"2025-11-20",0.56956,{"date":242,"score":243,"percentile":244},"2025-11-21",0.0034,0.56086,{"date":246,"score":243,"percentile":247},"2025-11-22",0.56082,{"date":249,"score":243,"percentile":250},"2025-11-23",0.56056,{"date":252,"score":202,"percentile":253},"2025-11-24",0.55434,{"date":255,"score":202,"percentile":256},"2025-11-25",0.55438,{"date":258,"score":202,"percentile":259},"2025-11-26",0.55439,{"date":261,"score":202,"percentile":262},"2025-11-27",0.55441,{"date":264,"score":202,"percentile":265},"2025-11-28",0.55413,{"date":267,"score":202,"percentile":268},"2025-11-29",0.55399,{"date":270,"score":202,"percentile":271},"2025-11-30",0.55386,{"date":273,"score":202,"percentile":274},"2025-12-01",0.55545,{"date":276,"score":202,"percentile":277},"2025-12-02",0.55557,{"date":279,"score":202,"percentile":280},"2025-12-03",0.55549,{"date":282,"score":202,"percentile":283},"2025-12-04",0.55383,{"date":285,"score":202,"percentile":286},"2025-12-05",0.554,{"date":288,"score":202,"percentile":286},"2025-12-06",{"date":290,"score":202,"percentile":291},"2025-12-07",0.5539,{"date":293,"score":202,"percentile":294},"2025-12-08",0.55392,{"date":296,"score":202,"percentile":297},"2025-12-09",0.55409,{"date":299,"score":202,"percentile":300},"2025-12-10",0.55466,{"date":302,"score":202,"percentile":303},"2025-12-11",0.55486,{"date":305,"score":202,"percentile":306},"2025-12-12",0.55509,{"date":308,"score":202,"percentile":309},"2025-12-13",0.55502,{"date":311,"score":202,"percentile":312},"2025-12-14",0.55499,{"date":314,"score":202,"percentile":315},"2025-12-15",0.55488,{"date":317,"score":202,"percentile":309},"2025-12-16",{"date":319,"score":202,"percentile":320},"2025-12-17",0.55524,{"date":322,"score":202,"percentile":323},"2025-12-18",0.55562,{"date":325,"score":202,"percentile":326},"2025-12-19",0.55565,{"date":328,"score":202,"percentile":277},"2025-12-20",{"date":330,"score":202,"percentile":331},"2025-12-21",0.55535,{"date":333,"score":202,"percentile":334},"2025-12-22",0.55514,{"date":336,"score":202,"percentile":337},"2025-12-23",0.5552,{"date":339,"score":202,"percentile":340},"2025-12-24",0.55528,{"date":342,"score":202,"percentile":343},"2025-12-25",0.55571,{"date":345,"score":202,"percentile":346},"2025-12-26",0.55564,{"date":348,"score":349,"percentile":350},"2025-12-27",0.00259,0.49143,{"date":352,"score":202,"percentile":353},"2025-12-28",0.55527,{"date":355,"score":202,"percentile":356},"2025-12-29",0.55511,{"date":358,"score":202,"percentile":359},"2025-12-30",0.55506,{"date":361,"score":202,"percentile":362},"2025-12-31",0.55519,{"date":364,"score":202,"percentile":365},"2026-01-01",0.55687,{"date":367,"score":202,"percentile":368},"2026-01-02",0.55668,{"date":370,"score":371,"percentile":372},"2026-01-03",0.00428,0.62095,{"date":374,"score":371,"percentile":375},"2026-01-04",0.619,{"date":377,"score":371,"percentile":378},"2026-01-05",0.6189,{"date":380,"score":202,"percentile":381},"2026-01-06",0.55485,{"date":383,"score":202,"percentile":356},"2026-01-07",{"date":385,"score":202,"percentile":386},"2026-01-08",0.55532,{"date":388,"score":202,"percentile":340},"2026-01-09",{"date":390,"score":243,"percentile":391},"2026-01-10",0.56212,{"date":393,"score":243,"percentile":394},"2026-01-11",0.56188,{"date":396,"score":243,"percentile":397},"2026-01-12",0.56146,{"date":399,"score":243,"percentile":400},"2026-01-13",0.56122,{"date":402,"score":243,"percentile":403},"2026-01-14",0.56166,{"date":405,"score":243,"percentile":406},"2026-01-15",0.5617,{"date":408,"score":243,"percentile":409},"2026-01-16",0.56192,{"date":411,"score":243,"percentile":412},"2026-01-17",0.56185,{"date":414,"score":243,"percentile":415},"2026-01-18",0.56179,{"date":417,"score":243,"percentile":418},"2026-01-19",0.56167,{"date":420,"score":243,"percentile":421},"2026-01-20",0.56169,{"date":423,"score":243,"percentile":424},"2026-01-21",0.56173,{"date":426,"score":243,"percentile":427},"2026-01-22",0.56174,{"date":429,"score":243,"percentile":430},"2026-01-23",0.56217,{"date":432,"score":202,"percentile":433},"2026-01-24",0.55539,{"date":435,"score":202,"percentile":436},"2026-01-25",0.555,{"date":438,"score":202,"percentile":439},"2026-01-26",0.55487,{"date":441,"score":202,"percentile":312},"2026-01-27",{"date":443,"score":202,"percentile":444},"2026-01-28",0.55512,{"date":446,"score":202,"percentile":447},"2026-01-29",0.55515,{"date":449,"score":202,"percentile":337},"2026-01-30",{"date":451,"score":202,"percentile":320},"2026-01-31",{"date":453,"score":202,"percentile":454},"2026-02-01",0.55665,[456,461],{"source":166,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":457,"cvss_v4_0":9},{"baseScore":164,"baseSeverity":458,"vectorString":167,"impactScore":459,"exploitabilityScore":460},"HIGH",6,10,{"source":172,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":462,"cvss_v4_0":9},{"baseScore":164,"baseSeverity":458,"vectorString":167,"impactScore":459,"exploitabilityScore":460},[464,482],{"ecosystem":9,"name":465,"vendor":9,"product":465,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":466},"PHP",[467,474,478],{"version":468,"is_range":469,"range_type":166,"version_start":470,"version_start_type":471,"version_end":472,"version_end_type":473,"fixed_in":9},">= 8.1.*, \u003C 8.1.30",true,"8.1.*","including","8.1.30","excluding",{"version":475,"is_range":469,"range_type":166,"version_start":476,"version_start_type":471,"version_end":477,"version_end_type":473,"fixed_in":9},">= 8.2.*, \u003C 8.2.24","8.2.*","8.2.24",{"version":479,"is_range":469,"range_type":166,"version_start":480,"version_start_type":471,"version_end":481,"version_end_type":473,"fixed_in":9},">= 8.3.*, \u003C 8.3.12","8.3.*","8.3.12",{"ecosystem":9,"name":465,"vendor":9,"product":465,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":483},[484,488,491],{"version":485,"is_range":469,"range_type":486,"version_start":487,"version_start_type":471,"version_end":472,"version_end_type":473,"fixed_in":9},"gte8.1.0_lt8.1.30","cpe","8.1.0",{"version":489,"is_range":469,"range_type":486,"version_start":490,"version_start_type":471,"version_end":477,"version_end_type":473,"fixed_in":9},"gte8.2.0_lt8.2.24","8.2.0",{"version":492,"is_range":469,"range_type":486,"version_start":493,"version_start_type":471,"version_end":481,"version_end_type":473,"fixed_in":9},"gte8.3.0_lt8.3.12","8.3.0"]