9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.3%
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
The following packages have been upgraded to a later upstream version: php (8.0.27). (BZ#2161667)
Security Fix(es):
__Host-
or __Secure-
cookie by PHP applications (CVE-2022-31629)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
almalinux | 9 | ppc64le | php-gd | < 8.0.27-1.el9_1 | php-gd-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-mbstring | < 8.0.27-1.el9_1 | php-mbstring-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-odbc | < 8.0.27-1.el9_1 | php-odbc-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-pgsql | < 8.0.27-1.el9_1 | php-pgsql-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-devel | < 8.0.27-1.el9_1 | php-devel-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-fpm | < 8.0.27-1.el9_1 | php-fpm-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-xml | < 8.0.27-1.el9_1 | php-xml-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-cli | < 8.0.27-1.el9_1 | php-cli-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-common | < 8.0.27-1.el9_1 | php-common-8.0.27-1.el9_1.ppc64le.rpm |
almalinux | 9 | ppc64le | php-pdo | < 8.0.27-1.el9_1 | php-pdo-8.0.27-1.el9_1.ppc64le.rpm |
access.redhat.com/errata/RHSA-2023:0965
access.redhat.com/security/cve/CVE-2022-31628
access.redhat.com/security/cve/CVE-2022-31629
access.redhat.com/security/cve/CVE-2022-31630
access.redhat.com/security/cve/CVE-2022-31631
access.redhat.com/security/cve/CVE-2022-37454
bugzilla.redhat.com/2133687
bugzilla.redhat.com/2133688
bugzilla.redhat.com/2139280
bugzilla.redhat.com/2140200
bugzilla.redhat.com/2158791
errata.almalinux.org/9/ALSA-2023-0965.html
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.3%