In PHP versions prior to 7.4.33,... CVE-2022-31630

- AV AC AU C I A
发布: 2022-11-14
修订: 2024-11-21

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.

0%
暂无可用Exp或PoC
当前有4条受影响产品信息