In PHP versions 7.4.x below 7.4.30,... CVE-2022-31625

6.8 AV AC AU C I A
发布: 2022-06-16
修订: 2023-11-07

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有5条受影响产品信息