Jump to:

CVE-2022-31631

Jump to:

CVE-2022-31631

Package php8.1 updated to version 8.1.14-alt1 for branch sisyphus_mipsel.

Published: 2025-02-12
Modified: 2025-07-02

CVE-2022-31631

In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.

Severity: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References:

https://bugs.php.net/bug.php?id=81740
https://security.netapp.com/advisory/ntap-20230223-0007/
https://bugs.php.net/bug.php?id=81740

Version: 2.1.2

Package php8.1 update in sisyphus_mipsel on 2023-01-11

ALT-PU-2023-2172-1

Closed vulnerabilities

CVE-2022-31631