BIT-LIBPHP-2022-31627 Heap buffer overflow in finfo_buffer

In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfobuffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption...

Heap buffer overflow in finfo_buffer

...

ROS-20220826-01

A vulnerability in the phpurlparseex function of the PHP programming language interpreter is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow a remote attacker to launch an SSRF attack Vulnerability in the SOAP extension of the PHP interpreter...

CVE-2022-31627 Heap buffer overflow in finfo_buffer

In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfobuffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption...

CVE-2022-31627

A vulnerability was found in php. This issue occurs due to memory corruption in the finfobuffer function and a bad patch of the libmagic library. This flaw allows an attacker or malicious actor to execute a heap buffer overflow successfully, causing a memory crash...

PHP 缓冲区错误漏洞

PHP is a scripting language that executes on the server side. A security vulnerability exists in PHP 8.1.x series versions prior to 8.1.8, which stems from a buffer overflow that can be triggered in PHP via finfobuffer, which can be exploited by an attacker to trigger a denial of service and...