Lucene search
Ubuntu.comUB:CVE-2022-31631HistoryJan 05, 2023 - 12:00 a.m.
CVE-2022-31631
2023-01-0500:00:00
ubuntu.com
ubuntu.com
67
A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote()
of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(),
it is possible to force the function to return a single apostrophe if the function is called on
user-supplied input without any length restrictions in place.
Bugs
Notes
| Author | Note |
|---|---|
| sbeattie | PEAR issues should go against php-pear as of xenial |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 14.04 | noarch | php5 | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | php7.0 | <Â 7.0.33-0ubuntu0.16.04.16+esm5) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
| ubuntu | 18.04 | noarch | php7.2 | <Â 7.2.24-0ubuntu0.18.04.16 | UNKNOWN |
| ubuntu | 20.04 | noarch | php7.4 | <Â 7.4.3-4ubuntu2.17 | UNKNOWN |
| ubuntu | 22.04 | noarch | php8.1 | <Â 8.1.2-1ubuntu2.10 | UNKNOWN |
| ubuntu | 22.10 | noarch | php8.1 | <Â 8.1.7-1ubuntu3.2 | UNKNOWN |
| ubuntu | 23.04 | noarch | php8.1 | <Â 8.1.12-1ubuntu3 | UNKNOWN |
References
github.com/php/php-src/commit/921b6813da3237a83e908998483f46ae3d8bacba
github.com/php/php-src/commit/a6a80eefe0413c91acd922bc58590a4db7979af0
launchpad.net/bugs/cve/CVE-2022-31631
nvd.nist.gov/vuln/detail/CVE-2022-31631
security-tracker.debian.org/tracker/CVE-2022-31631
ubuntu.com/security/notices/USN-5818-1
ubuntu.com/security/notices/USN-5905-1
www.cve.org/CVERecord?id=CVE-2022-31631
Related
nessus
nessus
PHP 8.2.x < 8.2.1
2023-01-12 00:00:00
Amazon Linux 2 : php (ALASPHP8.1-2023-003)
2023-09-13 00:00:00
slackware
slackware
[slackware-security] php
2023-01-07 02:09:30
cve
cve
CVE-2022-31631
2023-01-07 02:11:16
openvas
openvas
PHP < 8.0.27, 8.1.x < 8.1.14, 8.2.x < 8.2.1 Security Update - Windows
2023-01-06 00:00:00
Slackware: Security Advisory (SSA:2023-006-02)
2023-01-09 00:00:00
Fedora: Security Advisory for php (FEDORA-2023-5732365005)
2023-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: php-8.1.14-1.fc36
2023-01-13 01:21:41
[SECURITY] Fedora 37 Update: php-8.1.14-1.fc37
2023-01-15 01:59:40
alpinelinux
alpinelinux
CVE-2022-31631
2023-01-07 02:11:16
debiancve
debiancve
CVE-2022-31631
2023-01-07 02:11:16
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.1 version 8.1.14-alt1
2023-01-16 00:00:00
Security fix for the ALT Linux 10 package php8.0 version 8.0.27-alt1
2023-01-17 00:00:00
Security fix for the ALT Linux 10 package php8.2 version 8.1.14-alt1
2023-01-09 00:00:00
mageia
mageia
Updated php packages fix security vulnerability
2023-01-24 10:58:24
veracode
veracode
SQL Injection
2023-01-08 13:03:34
f5
f5
K000136109 : PHP SQLite vulnerability CVE-2022-31631
2023-09-06 00:00:00
redhatcve
redhatcve
CVE-2022-31631
2023-01-06 16:05:18
osv
osv
php7.2, php7.4, php8.1 vulnerability
2023-01-23 13:14:04
php7.3 - security update
2023-02-26 00:00:00
php7.4 - security update
2023-02-24 00:00:00
ubuntu
ubuntu
PHP vulnerability
2023-01-23 00:00:00
PHP vulnerabilities
2023-03-02 00:00:00
debian
debian
[SECURITY] [DSA 5363-1] php7.4 security update
2023-02-24 19:21:10
[SECURITY] [DLA 3345-1] php7.3 security update
2023-02-26 22:00:18
rocky
rocky
php security update
2023-04-06 15:53:36
php:8.0 security update
2023-02-22 01:08:53
almalinux
almalinux
Moderate: php:8.1 security update
2023-05-09 00:00:00
Moderate: php:8.0 security update
2023-02-21 00:00:00
Moderate: php security update
2023-02-28 00:00:00
redhat
redhat
(RHSA-2023:2417) Moderate: php:8.1 security update
2023-05-09 05:10:10
(RHSA-2023:0965) Moderate: php security update
2023-02-28 07:53:30
(RHSA-2023:2903) Moderate: php:7.4 security update
2023-05-16 05:57:44
oraclelinux
oraclelinux
8.1 security update
2023-05-15 00:00:00
php security update
2023-02-28 00:00:00
php:8.0 security update
2023-02-22 00:00:00
Related for UB:CVE-2022-31631