In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
References
Configurations
History
No history.
Information
Published : 2022-06-16 06:15
Updated : 2024-11-21 07:04
NVD link : CVE-2022-31625
Mitre link : CVE-2022-31625
CVE.ORG link : CVE-2022-31625
JSON object : View
Products Affected
php
- php
debian
- debian_linux