Site icon API Security Blog

(RHSA-2022:8197) Moderate: php security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

The following packages have been upgraded to a later upstream version: php (8.0.20). (BZ#2095752)

Security Fix(es):

* php: Use after free due to php_filter_float() failing for ints (CVE-2021-21708)

* php: Uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.Read More

Exit mobile version