Security Advisory

CVE-2022-31627

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-28 05:50:09
Last updated 2024-09-16 21:02:46
Assigner php
State PUBLISHED

Description

In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.