Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-31625

Опубликовано: 16 июн. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.1

Описание

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

needed

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

esm-infra/xenial

released

7.0.33-0ubuntu0.16.04.16+esm4
focal

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

released

7.2.24-0ubuntu0.18.04.12
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

7.2.24-0ubuntu0.18.04.12
esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

7.4.3-4ubuntu2.12
focal

released

7.4.3-4ubuntu2.12
impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

released

8.0.8-1ubuntu0.4
jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

released

8.1.2-1ubuntu2.1
kinetic

released

8.1.5-1ubuntu2
lunar

released

8.1.5-1ubuntu2
mantic

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 72%
0.00766
Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-31625

CVSS3: 7
redhat
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

nvd логотип

CVE-2022-31625

CVSS3: 8.1
nvd
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

debian логотип

CVE-2022-31625

CVSS3: 8.1
debian
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x belo ...

rocky логотип

RLSA-2022:6158

rocky
почти 3 года назад

Moderate: php:7.4 security update

github логотип

GHSA-wg63-8xjw-5wvx

CVSS3: 9.8
github
около 3 лет назад

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

EPSS

Процентиль: 72%
0.00766
Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3

Уязвимость CVE-2022-31625