Security Advisory

CVE-2022-31625

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-16 05:45:15

Last updated 2024-09-16 18:35:01

Assigner php

State PUBLISHED

Description

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

← Browse all CVEs View on cve.org ↗