CVE-2017-9841

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-9841

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-9841.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-9841

Aliases

GHSA-r7c9-c69m-rph8

Related

Published

2017-06-27T17:29:00Z

Modified

2024-10-12T02:59:39.274336Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "

References

Affected packages

Debian:11 / phpunit

Package

Name: phpunit
Purl: pkg:deb/debian/phpunit?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.6-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / phpunit

Package

Name: phpunit
Purl: pkg:deb/debian/phpunit?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.6-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / phpunit

Package

Name: phpunit
Purl: pkg:deb/debian/phpunit?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.6-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/sebastianbergmann/phpunit

Affected ranges

Type: GIT
Repo: https://github.com/sebastianbergmann/phpunit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

284a69fb88a2d0845d23f42974a583d8f59bf5a5

Affected versions

1.*

1.0.0RC1

3.*

3.4.10

3.4.11

3.4.12

3.4.13

3.4.14

3.4.15

3.4.6

3.4.7

3.4.8

3.4.9

3.5.0

3.5.0RC2

3.5.0beta1

3.5.1

3.5.10

3.5.11

3.5.12

3.5.13

3.5.14

3.5.15

3.5.2

3.5.3

3.5.4

3.5.5

3.5.6

3.5.7

3.5.8

3.5.9

3.6.0

3.6.0RC1

3.6.0RC2

3.6.0RC3

3.6.0RC4

3.6.1

3.6.10

3.6.11

3.6.12

3.6.2

3.6.3

3.6.4

3.6.5

3.6.6

3.6.7

3.6.8

3.6.9

3.7.0

3.7.0RC2

3.7.0RC3

3.7.0RC4

3.7.0RC5

3.7.1

3.7.10

3.7.11

3.7.12

3.7.13

3.7.14

3.7.15

3.7.16

3.7.17

3.7.18

3.7.19

3.7.2

3.7.20

3.7.21

3.7.22

3.7.23

3.7.24

3.7.25

3.7.26

3.7.27

3.7.28

3.7.29

3.7.3

3.7.30

3.7.31

3.7.32

3.7.33

3.7.34

3.7.35

3.7.36

3.7.37

3.7.38

3.7.4

3.7.5

3.7.6

3.7.7

3.7.8

4.*

4.0.0

4.0.1

4.0.11

4.0.12

4.0.13

4.0.14

4.0.15

4.0.16

4.0.17

4.0.18

4.0.19

4.0.2

4.0.20

4.0.3

4.0.4

4.0.5

4.0.6

4.0.7

4.0.8

4.0.9

4.1.0

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.2.0

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.4.0

4.4.1

4.4.2

4.4.3

4.4.4

4.4.5

4.5.0

4.6.0

4.6.1

4.6.2

4.6.3

4.6.4

4.6.5

4.6.6

4.6.7

4.6.8

4.6.9

4.7.0

4.7.1

4.7.2

4.7.3

4.7.4

4.7.5

4.7.6

4.7.7

4.8.0

4.8.1

4.8.10

4.8.11

4.8.12

4.8.13

4.8.14

4.8.15

4.8.16

4.8.17

4.8.18

4.8.19

4.8.2

4.8.20

4.8.21

4.8.22

4.8.23

4.8.24

4.8.25

4.8.26

4.8.27

4.8.3

4.8.4

4.8.5

4.8.6

4.8.7

4.8.8

4.8.9