Rocky Linux: CVE-2022-31631: php (Multiple Advisories)

Rocky Linux: CVE-2022-31631: php (Multiple Advisories)

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

04/06/2023

Created

03/13/2024

Added

03/12/2024

Modified

02/14/2025

Description

In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.

Solution(s)

• rocky-upgrade-libzip
• rocky-upgrade-libzip-debuginfo
• rocky-upgrade-libzip-debugsource
• rocky-upgrade-libzip-devel
• rocky-upgrade-libzip-tools
• rocky-upgrade-libzip-tools-debuginfo
• rocky-upgrade-php
• rocky-upgrade-php-bcmath
• rocky-upgrade-php-bcmath-debuginfo
• rocky-upgrade-php-cli
• rocky-upgrade-php-cli-debuginfo
• rocky-upgrade-php-common
• rocky-upgrade-php-common-debuginfo
• rocky-upgrade-php-dba
• rocky-upgrade-php-dba-debuginfo
• rocky-upgrade-php-dbg
• rocky-upgrade-php-dbg-debuginfo
• rocky-upgrade-php-debuginfo
• rocky-upgrade-php-debugsource
• rocky-upgrade-php-devel
• rocky-upgrade-php-embedded
• rocky-upgrade-php-embedded-debuginfo
• rocky-upgrade-php-enchant
• rocky-upgrade-php-enchant-debuginfo
• rocky-upgrade-php-ffi
• rocky-upgrade-php-ffi-debuginfo
• rocky-upgrade-php-fpm
• rocky-upgrade-php-fpm-debuginfo
• rocky-upgrade-php-gd
• rocky-upgrade-php-gd-debuginfo
• rocky-upgrade-php-gmp
• rocky-upgrade-php-gmp-debuginfo
• rocky-upgrade-php-intl
• rocky-upgrade-php-intl-debuginfo
• rocky-upgrade-php-ldap
• rocky-upgrade-php-ldap-debuginfo
• rocky-upgrade-php-mbstring
• rocky-upgrade-php-mbstring-debuginfo
• rocky-upgrade-php-mysqlnd
• rocky-upgrade-php-mysqlnd-debuginfo
• rocky-upgrade-php-odbc
• rocky-upgrade-php-odbc-debuginfo
• rocky-upgrade-php-opcache
• rocky-upgrade-php-opcache-debuginfo
• rocky-upgrade-php-pdo
• rocky-upgrade-php-pdo-debuginfo
• rocky-upgrade-php-pecl-apcu
• rocky-upgrade-php-pecl-apcu-debuginfo
• rocky-upgrade-php-pecl-apcu-debugsource
• rocky-upgrade-php-pecl-apcu-devel
• rocky-upgrade-php-pecl-rrd
• rocky-upgrade-php-pecl-rrd-debuginfo
• rocky-upgrade-php-pecl-rrd-debugsource
• rocky-upgrade-php-pecl-xdebug3
• rocky-upgrade-php-pecl-xdebug3-debuginfo
• rocky-upgrade-php-pecl-xdebug3-debugsource
• rocky-upgrade-php-pecl-zip
• rocky-upgrade-php-pecl-zip-debuginfo
• rocky-upgrade-php-pecl-zip-debugsource
• rocky-upgrade-php-pgsql
• rocky-upgrade-php-pgsql-debuginfo
• rocky-upgrade-php-process
• rocky-upgrade-php-process-debuginfo
• rocky-upgrade-php-snmp
• rocky-upgrade-php-snmp-debuginfo
• rocky-upgrade-php-soap
• rocky-upgrade-php-soap-debuginfo
• rocky-upgrade-php-xml
• rocky-upgrade-php-xml-debuginfo

References

• https://attackerkb.com/topics/cve-2022-31631
• CVE - 2022-31631
• https://errata.rockylinux.org/RLSA-2023:0848
• https://errata.rockylinux.org/RLSA-2023:0965