Updated: 2023-03-10 12:28:07.061403
Description:
A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0 |
| CVSS Version 3.x | MEDIUM | 5.9 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | php | 5.3.3 | 5.9 | MEDIUM | Ignored | 2023-01-09 04:03:06 | |
| CentOS 8.4 ELS | php | 7.4.6 | 5.9 | MEDIUM | Ignored | 2023-03-16 05:05:38 | |
| CentOS 8.5 ELS | php | 7.4.19 | 5.9 | MEDIUM | Ignored | 2023-03-16 05:05:38 | |
| CloudLinux 6 ELS | php | 5.3.3 | 5.9 | MEDIUM | Ignored | 2023-01-09 04:03:06 | |
| Oracle Linux 6 ELS | php | 5.3.3 | 5.9 | MEDIUM | Ignored | 2023-01-09 04:03:06 | |
| Ubuntu 16.04 ELS | php | 7.0.33 | 5.9 | MEDIUM | In Testing | 2023-03-21 08:43:33 |