Vulnerability Bulletins

MSA-23-0029: Competency framework tools are not restricted as intended

System information

Affected software PHP


por Michael Hawkins. Insufficient capability checks resulted in competency framework tools being available to users without the relevant capability.Severity/Risk:MinorVersions affected:4.2 to 4.2.1, 4.1 to 4.1.4, 4.0 to 4.0.9, 3.11 to 3.11.15, 3.9 to 3.9.22 and earlier unsupported versionsVersions fixed:4.2.2, 4.1.5, 4.0.10, 3.11.16 and 3.9.23Reported by:Michael HawkinsCVE identifier:CVE-2023-40324Changes

More info:

Standar resources

Property Value
CVE CVE-2023-40324.

Version history

Version Comments Date
Ministerio de Defensa