Sparx Systems Forum

Pro Cloud Server / Prolaborate / WebEA => PCS General Board => Topic started by: mcarter01 on June 10, 2024, 09:02:46 pm

Title: Critical PHP Flaw
Post by: mcarter01 on June 10, 2024, 09:02:46 pm

On June 6, 2024, PHP released:

CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability

which augmented CVE-2012-1823. The recommended fix is to incorporate PHP 8.3.8, 8.2.20, and 8.1.29. Has Sparx upgraded WebEA to meet this CVE?

Title: Re: Critical PHP Flaw
Post by: Geert Bellekens on June 10, 2024, 09:52:31 pm

I hope you also asked Sparx?

Remember, this is a user forum so you are basically asking your fellow users.

Geert

Title: Re: Critical PHP Flaw
Post by: Eve on June 11, 2024, 08:57:56 am

https://sparxsystems.com/enterprise_architect_user_guide/16.1/the_model_repository/webea_website.html (https://sparxsystems.com/enterprise_architect_user_guide/16.1/the_model_repository/webea_website.html)
WebEA can run on 8 or later. Generally speaking you are responsible for the environment. (If you have SaaS then I don't know the answer.)