Updated: 2022-10-25 20:06:27.765638
Description:
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | CRITICAL | 9.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| EL 6 PHP | php | 7.3 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 11:02:11 | |
| EL 6 PHP | php | 5.2 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 11:02:11 | |
| EL 6 PHP | php | 8.2 | 9.8 | CRITICAL | Not Vulnerable | 2023-03-22 14:02:34 | |
| EL 6 PHP | php | 7.2 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 11:02:11 | |
| EL 6 PHP | php | 7.1 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 14:02:11 | |
| EL 6 PHP | php | 5.6 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 14:02:12 | |
| EL 6 PHP | php | 5.1 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 11:02:12 | |
| EL 6 PHP | php | 7.4 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 14:02:11 | |
| EL 6 PHP | php | 5.4 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 11:02:11 | |
| EL 6 PHP | php | 7.0 | 9.8 | CRITICAL | Not Vulnerable | 2022-08-16 14:02:11 |