Updated: 2023-03-10 12:28:07.061403
Description:
A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0 |
| CVSS Version 3.x | MEDIUM | 5.9 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| EL 6 PHP | php | 7.0 | 5.9 | MEDIUM | Released | CLSA-2023:1675202025 | 2023-01-31 19:53:40 |
| EL 6 PHP | php | 7.2 | 5.9 | MEDIUM | Released | CLSA-2023:1675202629 | 2023-01-31 19:53:40 |
| EL 6 PHP | php | 7.4 | 5.9 | MEDIUM | Released | CLSA-2023:1675203835 | 2023-01-31 19:53:37 |
| EL 6 PHP | php | 5.5 | 5.9 | MEDIUM | Released | CLSA-2023:1675201717 | 2023-01-31 19:53:37 |
| EL 6 PHP | php | 7.3 | 5.9 | MEDIUM | Released | CLSA-2023:1675203363 | 2023-01-31 19:53:40 |
| EL 6 PHP | php | 5.1 | 5.9 | MEDIUM | Released | CLSA-2023:1675197654 | 2023-01-31 16:02:38 |
| EL 6 PHP | php | 5.2 | 5.9 | MEDIUM | Released | CLSA-2023:1675200662 | 2023-01-31 19:53:41 |
| EL 6 PHP | php | 7.1 | 5.9 | MEDIUM | Released | CLSA-2023:1675202314 | 2023-01-31 19:53:40 |
| EL 6 PHP | php | 5.4 | 5.9 | MEDIUM | Released | CLSA-2023:1675201426 | 2023-01-31 19:53:40 |
| EL 6 PHP | php | 5.6 | 5.9 | MEDIUM | Released | CLSA-2023:1675204283 | 2023-01-31 19:53:40 |