Updated: 2023-03-10 12:28:07.061403
Description:
A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | NONE | 0 |
CVSS Version 3.x | MEDIUM | 5.9 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
EL 6 PHP | php | 8.1 | 5.9 | MEDIUM | Not Vulnerable | 2023-01-13 07:37:27 | |
EL 6 PHP | php | 5.2 | 5.9 | MEDIUM | Released | CLSA-2023:1675200662 | 2023-01-31 19:53:41 |
EL 6 PHP | php | 8.0 | 5.9 | MEDIUM | Not Vulnerable | 2023-01-13 07:37:27 | |
EL 6 PHP | php | 7.3 | 5.9 | MEDIUM | Released | CLSA-2023:1675203363 | 2023-01-31 19:53:40 |
EL 6 PHP | php | 7.1 | 5.9 | MEDIUM | Released | CLSA-2023:1675202314 | 2023-01-31 19:53:40 |
EL 6 PHP | php | 5.4 | 5.9 | MEDIUM | Released | CLSA-2023:1675201426 | 2023-01-31 19:53:40 |
EL 6 PHP | php | 7.4 | 5.9 | MEDIUM | Released | CLSA-2023:1675203835 | 2023-01-31 19:53:37 |
EL 6 PHP | php | 5.1 | 5.9 | MEDIUM | Released | CLSA-2023:1675197654 | 2023-01-31 16:02:38 |
EL 6 PHP | php | 5.5 | 5.9 | MEDIUM | Released | CLSA-2023:1675201717 | 2023-01-31 19:53:37 |
EL 6 PHP | php | 7.0 | 5.9 | MEDIUM | Released | CLSA-2023:1675202025 | 2023-01-31 19:53:40 |