CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
Percentile
79.3%
Core Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) Fixed bug GH-9361 (Segmentation fault on script exit #9379). Fixed bug GH-9407 (LSP error in eval’d code refers to wrong class for static type). Fixed bug #81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629) DOM Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free). FPM Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload). Fixed bug #77780 (“Headers already sent…” when previous connection was aborted). GMP Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()). Intl Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter). Phar Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628) PDO_PGSQL Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed). Reflection Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure). Fixed bug GH-9409 (Private method is incorrectly dumped as “overwrites”). Streams Fixed bug GH-9316 ($http_response_header is wrong for long status line).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | php | < 8.0.24-1 | php-8.0.24-1.mga8 |