vulnerability
PHP Vulnerability: CVE-2022-31628
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 09/28/2022 | 11/02/2022 | 01/30/2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
09/28/2022
Added
11/02/2022
Modified
01/30/2025
Description
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
Solution(s)
php-upgrade-7_4_31php-upgrade-8_0_24php-upgrade-8_1_11
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.