2023-01-10
ALT-BU-2023-2161-1
Branch sisyphus_riscv64 update bulletin.
Package php8.0 updated to version 8.0.27-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Published: 2025-02-12
Modified: 2025-07-02
Modified: 2025-07-02
CVE-2022-31631
In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.
Severity: CRITICAL (9.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References: