Share via

PHP 8.3 Vulnerability CVE-2024-4577

Faiz Johan 0 Reputation points
2024-06-24T09:15:45.97+00:00

On the mid June 2024, there is vulnerability reported CVE-2024-4577.

This vulnerability affects all versions of PHP

PHP 8.3 < 8.3.8

PHP 8.2 < 8.2.20

PHP 8.1 < 8.1.29

I have setup a Azure App Service using Stack PHP and the php -v shown with version 8.3.4 which is effected by the CVE. How can I upgrade it to the latest minor version 8.3.8?

User's image

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,931 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2024-06-24T09:15:46.0033333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To upgrade your Azure App Service PHP version to the latest minor version 8.3.8, you can run the following command in the Cloud Shell:

    az webapp config set --resource-group <resource-group-name> --name <app-name> --php-version 8.3.8

    This will set the PHP version to 8.3.8 for your app service. It is recommended to always use the latest version of PHP to ensure that your application is secure and up-to-date.

    References:

  2. ryo.m 0 Reputation points
    2024-07-01T03:58:28.3366667+00:00

    Hi,

    I am also a PHP user of Azure Web App and have the same concerns about CVE-2024-4577.

    I have researched this vulnerability and I believe it applies to a combination of PHP and Windows.

    I think it does not apply to PHP on Linux,

    which is currently offered by Azure Web App.

    References:

    CVE-2024-4577 Detail https://nvd.nist.gov/vuln/detail/CVE-2024-4577

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.