PHP 8.2.x < 8.2.3 Multiple Vulnerabilities

high Nessus Plugin ID 171466

Language:

Version 1.11 May 27, 2025, 1:54 AM Plugin requirements (Remove enable_cgi_scanning attribute from PHP plugins) Plugin Feed: 202505270154
Version 1.10 Nov 22, 2024, 4:32 PM Plugin metadata (remove script_exclude_keys for CGI scanning) Plugin Feed: 202411221632
Version 1.9 Jun 7, 2024, 4:47 PM IAVM reference Plugin Feed: 202406071647
Version 1.8 Jun 4, 2024, 12:08 PM Required Scan configuration ("Enable cgi scanning" set to "True") Plugin Feed: 202406041208
Version 1.7 Oct 18, 2023, 7:26 PM IAVM reference Plugin Feed: 202310181926
Version 1.6 Sep 4, 2023, 4:15 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202309041615
Version 1.5 Jun 30, 2023, 8:10 AM IAVM reference Plugin Feed: 202306300810
Version 1.4 Mar 21, 2023, 7:30 PM Plugin metadata Plugin Feed: 202303211930
Version 1.3 Mar 6, 2023, 2:14 PM CVSSv3 score source (set to "CVE-2023-0568") CVSS metrics ("CVSSv2 score" changed from "10.0" to "7.6". "CVSSv2 score" changed from "10.0" to "7.6". "CVSSv2 score" changed from "10.0" to "7.6". "CVSSv2 score" changed from "10.0" to "7.6". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from "9.8" to "8.1". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from "9.8" to "8.1". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from "9.8" to "8.1". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H") Plugin Feed: 202303061414
Version 1.2 Feb 27, 2023, 2:07 PM CVSSv3 score source (set to "CVE-2023-0568") CVSS metrics ("CVSSv2 score" changed from "5.0" to "10.0". "CVSSv2 score" changed from "5.0" to "10.0". "CVSSv2 score" changed from "5.0" to "10.0". "CVSSv3 score" changed from "7.5" to "9.8". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv3 score" changed from "7.5" to "9.8". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv3 score" changed from "7.5" to "9.8". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv3 score" changed from "7.5" to "9.8") CVSSv2 score source (changed from "CVE-2023-0662" to "CVE-2023-0568") CVSSv2 severity (based on CVE-2023-0568, severity increased from "Medium" to "High") Plugin Feed: 202302271407
Version 1.1 Feb 17, 2023, 10:07 PM IAVM reference STIG Severity (set to "I") Plugin Feed: 202302172207
Version 1.0 Feb 15, 2023, 3:27 AM New Plugin Feed: 202302150327

* Changelogs are generally available for changes made after Nov 1, 2022