Rocky Linux 8 : php:7.4 (RLSA-2022:6158)
Discription
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6158 advisory. In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service. (CVE-2022-31625) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More
References
Back to Main