PHP 8.2.x < 8.2.0 Multiple Vulnerabilities
critical Nessus Plugin ID 168500
Language:
Synopsis
The version PHP running on the remote web server is affected by multiple vulnerabilities.Description
The version of PHP installed on the remote host is prior to 8.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.2.0 advisory.- In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information. (CVE-2022-31630)
- The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties.
This occurs in the sponge function interface. (CVE-2022-37454)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to PHP version 8.2.0 or later.See Also
Plugin Details
Severity: Critical
ID: 168500
File Name: php_8_2_0.nasl
Version: 1.4
Type: remote
Family: CGI abuses
Published: 12/8/2022
Updated: 1/12/2023
Configuration: Enable thorough checks
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal Vector: CVSS2#E:U/RL:OF/RC:C
CVSS Score Source: CVE-2022-37454
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:php:php
Required KB Items: www/PHP, installed_sw/PHP
Exploit Ease: No known exploits are available
Patch Publication Date: 12/8/2022
Vulnerability Publication Date: 10/21/2022
Reference Information
CVE: CVE-2022-31630, CVE-2022-37454
IAVA: 2022-A-0515-S