Mik3 Posted June 18 Share Posted June 18 Dear Unraid devs, thanks for your hard work and continuos support and for the amazing product unraid is. I know you are actually busy developing the next unraid version but as stated before by other community members would be nice to receive some updates regarding the base system for security reason. I am on latest unraid version which according to PHP info ships PHP version 8.2.7 which is vulnerable to the CVE-2024-4577 according to the advisory. There is an exploit on the wild already and a PoC, I haven't tested it myself. Could you please confirm unraid is vulnerable? Could you please provide a system update to fix this and probably other vulnerable packages that are presents on the system while we wait for the next big major upgrade? Thank you! @ljm42 Quote Link to comment
SimonF Posted June 18 Share Posted June 18 10 minutes ago, Mik3 said: Dear Unraid devs, thanks for your hard work and continuos support and for the amazing product unraid is. I know you are actually busy developing the next unraid version but as stated before by other community members would be nice to receive some updates regarding the base system for security reason. I am on latest unraid version which according to PHP info ships PHP version 8.2.7 which is vulnerable to the CVE-2024-4577 according to the advisory. There is an exploit on the wild already and a PoC, I haven't tested it myself. Could you please confirm unraid is vulnerable? Could you please provide a system update to fix this and probably other vulnerable packages that are presents on the system while we wait for the next big major upgrade? Thank you! @ljm42 Reading the CVE, this oly affects PHP running on Windows. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.