CVE-2022-31625

high

Description

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

References

https://bugs.php.net/bug.php?id=81720

https://lists.fedoraproject.org/archives/list/[email protected]/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/

https://www.debian.org/security/2022/dsa-5179

https://security.netapp.com/advisory/ntap-20220722-0005/

https://security.gentoo.org/glsa/202209-20

https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html

Details

Source: MITRE

Published: 2022-06-16

Updated: 2022-12-15

Type: CWE-763

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.1

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.2

Severity: HIGH