what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2022-31629

Status Candidate

Overview

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Related Files

Red Hat Security Advisory 2023-2903-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2903-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454
SHA-256 | 14a0a9a8f5279ccadad2c5e3c17b877bba2ef4521d090aff2aef00472ba06ed5
Red Hat Security Advisory 2023-2417-01
Posted May 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2417-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454
SHA-256 | 6f47e62ad0a97a6168bb8cbdb23c454b713421317ea8a4adaead022a0b590fdc
Ubuntu Security Notice USN-5905-1
Posted Mar 3, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5905-1 - It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise data integrity. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31631, CVE-2023-0568, CVE-2023-0662
SHA-256 | 568ea4cc2d068c625914a2aca31e396f31df3ead8417e7cc93c9f33b2b47b9ac
Red Hat Security Advisory 2023-0965-01
Posted Feb 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0965-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454
SHA-256 | 21cc7adcd44f74a7b7d1f07e645c25db715969dc71fb46ce643d346bc354f014
Red Hat Security Advisory 2023-0848-01
Posted Feb 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0848-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-31631, CVE-2022-37454
SHA-256 | d6a1d2c70e7aeefb58c3d6f8d3e365857d79e83f3ce23dcb4126b0c9c7790543
Gentoo Linux Security Advisory 202211-03
Posted Nov 21, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202211-3 - Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution. Versions less than 7.4.33:7.4 are affected.

tags | advisory, arbitrary, php, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454
SHA-256 | 9a1678e24b2e3feff0e005708de8cc73ed15cb45dc823e4705b0397f6d11473c
Debian Security Advisory 5277-1
Posted Nov 14, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5277-1 - Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result an denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, info disclosure
systems | linux, debian
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454
SHA-256 | 40cb66a9c0c2167146b80561176a952e5901d8ea040e6b36e934347e7c5f4ac6
Ubuntu Security Notice USN-5717-1
Posted Nov 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5717-1 - It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS.

tags | advisory, denial of service, php
systems | linux, ubuntu
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454
SHA-256 | 5d9c5fa429c56df30e64215e02fbcce857d17b47d4d6b19014cc6d97a3a22070
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close