Site icon API Security Blog

PHP vulnerabilities

## Releases

* Ubuntu 16.04 ESM

## Packages

* php7.0 – HTML-embedded scripting language interpreter

It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)

It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise data integrity.
(CVE-2022-31629)

It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-31631)

It was discovered that PHP incorrectly handled resolving long paths. A
remote attacker could possibly use this issue to obtain or modify sensitive
information. (CVE-2023-0568)

It was discovered that PHP incorrectly handled a large number of field and file
parts in HTTP form uploads. A remote attacker could possibly use this issue to
cause PHP to consume resources, leading to a denial of service. (CVE-2023-0662)Read More

Exit mobile version