CVE-2022-4900

Updated: 2024-11-30 04:45:52.049653

Description:

A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS php 5.3.3 5.5 MEDIUM Ignored 2023-11-13 02:22:49
CentOS 7 ELS php 5.4.16 5.5 MEDIUM Ignored 2024-01-21 08:36:28
CentOS 8.4 ELS php 7.4.6 5.5 MEDIUM Released CLSA-2024:1716485568 2024-05-23 14:27:16
CentOS 8.5 ELS php 7.4.19 5.5 MEDIUM Released CLSA-2024:1716485695 2024-05-23 14:27:19
CloudLinux 6 ELS php 5.3.3 5.5 MEDIUM Ignored 2023-11-13 02:22:49
Oracle Linux 6 ELS php 5.3.3 5.5 MEDIUM Ignored 2023-11-13 02:22:49
Ubuntu 16.04 ELS php 7.0.33 5.5 MEDIUM Not Vulnerable 2024-05-09 10:12:05
Ubuntu 18.04 ELS php 7.2.24-0 5.5 MEDIUM Not Vulnerable 2024-05-09 10:12:05