RHSA-2022:5491HighCVSS 8.8
Red Hat Security Advisory: rh-php73-php security and bug fix update
🔗 CVE IDs covered (4)
📋 Description
CVE-2021-21703 — php: Local privilege escalation via PHP-FPM CVE-2021-21707 — php: Special character breaks path in xml parsing CVE-2022-31625 — php: Uninitialized array in pg_query_params() leading to RCE CVE-2022-31626 — php: password of excessive length triggers buffer overflow leading to RCE
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2022:5491
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2016535
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2026045
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2098521
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2098523
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2100753
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5491.json