Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-31625

Опубликовано: 16 мая 2022
Источник: redhat
CVSS3: 7

Описание

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

A vulnerability was found in PHP due to an uninitialized array in pg_query_params() function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote attacker with the ability to control query parameters to execute arbitrary code on the system or may cause a denial of service.

Отчет

This CVE rated as moderate because attack complexity is high, and creating/supplying invalid parameters is complex while using a Postgres database extension.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6phpNot affected
Red Hat Enterprise Linux 7phpNot affected
Red Hat Enterprise Linux 8phpFixedRHSA-2022:615824.08.2022
Red Hat Enterprise Linux 8phpFixedRHSA-2022:762408.11.2022
Red Hat Enterprise Linux 9phpFixedRHSA-2022:819715.11.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7rh-php73-phpFixedRHSA-2022:549104.07.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-824
https://bugzilla.redhat.com/show_bug.cgi?id=2098521php: Uninitialized array in pg_query_params() leading to RCE

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-31625

CVSS3: 8.1
ubuntu
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

nvd логотип

CVE-2022-31625

CVSS3: 8.1
nvd
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

debian логотип

CVE-2022-31625

CVSS3: 8.1
debian
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x belo ...

rocky логотип

RLSA-2022:6158

rocky
почти 3 года назад

Moderate: php:7.4 security update

github логотип

GHSA-wg63-8xjw-5wvx

CVSS3: 9.8
github
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

7 High

CVSS3