vulnerability
Amazon Linux 2023: CVE-2024-5458: Medium priority package update for php8.1 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Oct 21, 2022 | Feb 17, 2025 | Jul 9, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Oct 21, 2022
Added
Feb 17, 2025
Modified
Jul 9, 2025
Description
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.
Solutions
amazon-linux-2023-upgrade-php8-1amazon-linux-2023-upgrade-php8-1-bcmathamazon-linux-2023-upgrade-php8-1-bcmath-debuginfoamazon-linux-2023-upgrade-php8-1-cliamazon-linux-2023-upgrade-php8-1-cli-debuginfoamazon-linux-2023-upgrade-php8-1-commonamazon-linux-2023-upgrade-php8-1-common-debuginfoamazon-linux-2023-upgrade-php8-1-dbaamazon-linux-2023-upgrade-php8-1-dba-debuginfoamazon-linux-2023-upgrade-php8-1-dbgamazon-linux-2023-upgrade-php8-1-dbg-debuginfoamazon-linux-2023-upgrade-php8-1-debuginfoamazon-linux-2023-upgrade-php8-1-debugsourceamazon-linux-2023-upgrade-php8-1-develamazon-linux-2023-upgrade-php8-1-embeddedamazon-linux-2023-upgrade-php8-1-embedded-debuginfoamazon-linux-2023-upgrade-php8-1-enchantamazon-linux-2023-upgrade-php8-1-enchant-debuginfoamazon-linux-2023-upgrade-php8-1-ffiamazon-linux-2023-upgrade-php8-1-ffi-debuginfoamazon-linux-2023-upgrade-php8-1-fpmamazon-linux-2023-upgrade-php8-1-fpm-debuginfoamazon-linux-2023-upgrade-php8-1-gdamazon-linux-2023-upgrade-php8-1-gd-debuginfoamazon-linux-2023-upgrade-php8-1-gmpamazon-linux-2023-upgrade-php8-1-gmp-debuginfoamazon-linux-2023-upgrade-php8-1-intlamazon-linux-2023-upgrade-php8-1-intl-debuginfoamazon-linux-2023-upgrade-php8-1-ldapamazon-linux-2023-upgrade-php8-1-ldap-debuginfoamazon-linux-2023-upgrade-php8-1-mbstringamazon-linux-2023-upgrade-php8-1-mbstring-debuginfoamazon-linux-2023-upgrade-php8-1-mysqlndamazon-linux-2023-upgrade-php8-1-mysqlnd-debuginfoamazon-linux-2023-upgrade-php8-1-odbcamazon-linux-2023-upgrade-php8-1-odbc-debuginfoamazon-linux-2023-upgrade-php8-1-opcacheamazon-linux-2023-upgrade-php8-1-opcache-debuginfoamazon-linux-2023-upgrade-php8-1-pdoamazon-linux-2023-upgrade-php8-1-pdo-debuginfoamazon-linux-2023-upgrade-php8-1-pgsqlamazon-linux-2023-upgrade-php8-1-pgsql-debuginfoamazon-linux-2023-upgrade-php8-1-processamazon-linux-2023-upgrade-php8-1-process-debuginfoamazon-linux-2023-upgrade-php8-1-pspellamazon-linux-2023-upgrade-php8-1-pspell-debuginfoamazon-linux-2023-upgrade-php8-1-snmpamazon-linux-2023-upgrade-php8-1-snmp-debuginfoamazon-linux-2023-upgrade-php8-1-soapamazon-linux-2023-upgrade-php8-1-soap-debuginfoamazon-linux-2023-upgrade-php8-1-tidyamazon-linux-2023-upgrade-php8-1-tidy-debuginfoamazon-linux-2023-upgrade-php8-1-xmlamazon-linux-2023-upgrade-php8-1-xml-debuginfoamazon-linux-2023-upgrade-php8-1-zipamazon-linux-2023-upgrade-php8-1-zip-debuginfoamazon-linux-2023-upgrade-php8-2amazon-linux-2023-upgrade-php8-2-bcmathamazon-linux-2023-upgrade-php8-2-bcmath-debuginfoamazon-linux-2023-upgrade-php8-2-cliamazon-linux-2023-upgrade-php8-2-cli-debuginfoamazon-linux-2023-upgrade-php8-2-commonamazon-linux-2023-upgrade-php8-2-common-debuginfoamazon-linux-2023-upgrade-php8-2-dbaamazon-linux-2023-upgrade-php8-2-dba-debuginfoamazon-linux-2023-upgrade-php8-2-dbgamazon-linux-2023-upgrade-php8-2-dbg-debuginfoamazon-linux-2023-upgrade-php8-2-debuginfoamazon-linux-2023-upgrade-php8-2-debugsourceamazon-linux-2023-upgrade-php8-2-develamazon-linux-2023-upgrade-php8-2-embeddedamazon-linux-2023-upgrade-php8-2-embedded-debuginfoamazon-linux-2023-upgrade-php8-2-enchantamazon-linux-2023-upgrade-php8-2-enchant-debuginfoamazon-linux-2023-upgrade-php8-2-ffiamazon-linux-2023-upgrade-php8-2-ffi-debuginfoamazon-linux-2023-upgrade-php8-2-fpmamazon-linux-2023-upgrade-php8-2-fpm-debuginfoamazon-linux-2023-upgrade-php8-2-gdamazon-linux-2023-upgrade-php8-2-gd-debuginfoamazon-linux-2023-upgrade-php8-2-gmpamazon-linux-2023-upgrade-php8-2-gmp-debuginfoamazon-linux-2023-upgrade-php8-2-intlamazon-linux-2023-upgrade-php8-2-intl-debuginfoamazon-linux-2023-upgrade-php8-2-ldapamazon-linux-2023-upgrade-php8-2-ldap-debuginfoamazon-linux-2023-upgrade-php8-2-mbstringamazon-linux-2023-upgrade-php8-2-mbstring-debuginfoamazon-linux-2023-upgrade-php8-2-mysqlndamazon-linux-2023-upgrade-php8-2-mysqlnd-debuginfoamazon-linux-2023-upgrade-php8-2-odbcamazon-linux-2023-upgrade-php8-2-odbc-debuginfoamazon-linux-2023-upgrade-php8-2-opcacheamazon-linux-2023-upgrade-php8-2-opcache-debuginfoamazon-linux-2023-upgrade-php8-2-pdoamazon-linux-2023-upgrade-php8-2-pdo-debuginfoamazon-linux-2023-upgrade-php8-2-pgsqlamazon-linux-2023-upgrade-php8-2-pgsql-debuginfoamazon-linux-2023-upgrade-php8-2-processamazon-linux-2023-upgrade-php8-2-process-debuginfoamazon-linux-2023-upgrade-php8-2-pspellamazon-linux-2023-upgrade-php8-2-pspell-debuginfoamazon-linux-2023-upgrade-php8-2-snmpamazon-linux-2023-upgrade-php8-2-snmp-debuginfoamazon-linux-2023-upgrade-php8-2-soapamazon-linux-2023-upgrade-php8-2-soap-debuginfoamazon-linux-2023-upgrade-php8-2-sodiumamazon-linux-2023-upgrade-php8-2-sodium-debuginfoamazon-linux-2023-upgrade-php8-2-tidyamazon-linux-2023-upgrade-php8-2-tidy-debuginfoamazon-linux-2023-upgrade-php8-2-xmlamazon-linux-2023-upgrade-php8-2-xml-debuginfoamazon-linux-2023-upgrade-php8-2-zipamazon-linux-2023-upgrade-php8-2-zip-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.