CVE-2022-31625

Exploit

EPSS 0.68%
Veröffentlicht 16.06.2022 06:15:08
Zuletzt bearbeitet 21.11.2024 07:04:52
Quelle security@php.net
Teams Watchlist Login
Unerledigt Login

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 3 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Php ≫ Php Version >= 7.4.0 < 7.4.30

Php ≫ Php Version >= 8.0.0 < 8.0.20

Php ≫ Php Version >= 8.1.0 < 8.1.7

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.68%	0.707

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
security@php.net	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-590 Free of Memory not on the Heap

The product calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as malloc(), calloc(), or realloc().

CWE-763 Release of Invalid Pointer or Reference

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

CWE-824 Access of Uninitialized Pointer

The product accesses or uses a pointer that has not been initialized.

https://security.gentoo.org/glsa/202209-20

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html

Third Party Advisory

Mailing List

https://bugs.php.net/bug.php?id=81720

Patch

Vendor Advisory

Exploit

Mailing List