Showing 1 - 7 of 7

CVE-2022-31630

Status Candidate

Overview

In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.

Related Files

Red Hat Security Advisory 2023-2903-01: Posted May 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2903-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454; SHA-256 | 14a0a9a8f5279ccadad2c5e3c17b877bba2ef4521d090aff2aef00472ba06ed5; Download | Favorite | View

Red Hat Security Advisory 2023-2417-01: Posted May 9, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2417-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454; SHA-256 | 6f47e62ad0a97a6168bb8cbdb23c454b713421317ea8a4adaead022a0b590fdc; Download | Favorite | View

Red Hat Security Advisory 2023-0965-01: Posted Feb 28, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0965-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454; SHA-256 | 21cc7adcd44f74a7b7d1f07e645c25db715969dc71fb46ce643d346bc354f014; Download | Favorite | View

Red Hat Security Advisory 2023-0848-01: Posted Feb 21, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0848-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454; SHA-256 | d6a1d2c70e7aeefb58c3d6f8d3e365857d79e83f3ce23dcb4126b0c9c7790543; Download | Favorite | View

Gentoo Linux Security Advisory 202211-03: Posted Nov 21, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202211-3 - Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution. Versions less than 7.4.33:7.4 are affected.; tags | advisory, arbitrary, php, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454; SHA-256 | 9a1678e24b2e3feff0e005708de8cc73ed15cb45dc823e4705b0397f6d11473c; Download | Favorite | View

Debian Security Advisory 5277-1: Posted Nov 14, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5277-1 - Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result an denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code.; tags | advisory, denial of service, arbitrary, php, info disclosure; systems | linux, debian; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454; SHA-256 | 40cb66a9c0c2167146b80561176a952e5901d8ea040e6b36e934347e7c5f4ac6; Download | Favorite | View

Ubuntu Security Notice USN-5717-1: Posted Nov 9, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5717-1 - It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS.; tags | advisory, denial of service, php; systems | linux, ubuntu; advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454; SHA-256 | 5d9c5fa429c56df30e64215e02fbcce857d17b47d4d6b19014cc6d97a3a22070; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2022-31630

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems