Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-31625

Опубликовано: 16 мая 2022
Источник: redhat
CVSS3: 7
EPSS Низкий

Описание

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

A vulnerability was found in PHP due to an uninitialized array in pg_query_params() function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote attacker with the ability to control query parameters to execute arbitrary code on the system or may cause a denial of service.

Отчет

This CVE rated as moderate because attack complexity is high, and creating/supplying invalid parameters is complex while using a Postgres database extension.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6phpNot affected
Red Hat Enterprise Linux 7phpNot affected
Red Hat Enterprise Linux 8phpFixedRHSA-2022:615824.08.2022
Red Hat Enterprise Linux 8phpFixedRHSA-2022:762408.11.2022
Red Hat Enterprise Linux 9phpFixedRHSA-2022:819715.11.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7rh-php73-phpFixedRHSA-2022:549104.07.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-824
https://bugzilla.redhat.com/show_bug.cgi?id=2098521php: Uninitialized array in pg_query_params() leading to RCE

EPSS

Процентиль: 72%
0.00719
Низкий

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-31625

CVSS3: 8.1
ubuntu
больше 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

nvd логотип

CVE-2022-31625

CVSS3: 8.1
nvd
больше 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

msrc логотип

CVE-2022-31625

CVSS3: 8.1
msrc
около 1 месяца назад

Freeing unallocated memory in php_pgsql_free_params()

debian логотип

CVE-2022-31625

CVSS3: 8.1
debian
больше 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x belo ...

rocky логотип

RLSA-2022:6158

rocky
около 3 лет назад

Moderate: php:7.4 security update

EPSS

Процентиль: 72%
0.00719
Низкий

7 High

CVSS3