Lucene search

K
redhatRedHatRHSA-2022:5491
HistoryJul 04, 2022 - 7:07 a.m.

(RHSA-2022:5491) Important: rh-php73-php security and bug fix update

2022-07-0407:07:16
access.redhat.com
77

0.008 Low

EPSS

Percentile

81.7%

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

  • php: password of excessive length triggers buffer overflow leading to RCE (CVE-2022-31626)

  • php: Local privilege escalation via PHP-FPM (CVE-2021-21703)

  • php: special character breaks path in xml parsing (CVE-2021-21707)

  • php: uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • rh-php73: rebase to 7.3.33 (BZ#2100753)