vulnerability
Amazon Linux 2023: CVE-2022-31628: Important priority package update for php8.1
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:M/C:N/I:N/A:C) | Sep 29, 2022 | Feb 17, 2025 | Jul 9, 2025 |
Severity
4
CVSS
(AV:L/AC:L/Au:M/C:N/I:N/A:C)
Published
Sep 29, 2022
Added
Feb 17, 2025
Modified
Jul 9, 2025
Description
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
A vulnerability was found in PHP due to an infinite loop within the phar uncompressor code when processing "quines" gzip files. This vulnerability allows a remote attacker to pass a specially crafted archive to the application, and consume all available system resources, causing a denial of service condition.
A vulnerability was found in PHP due to an infinite loop within the phar uncompressor code when processing "quines" gzip files. This vulnerability allows a remote attacker to pass a specially crafted archive to the application, and consume all available system resources, causing a denial of service condition.
Solutions
amazon-linux-2023-upgrade-php8-1amazon-linux-2023-upgrade-php8-1-bcmathamazon-linux-2023-upgrade-php8-1-bcmath-debuginfoamazon-linux-2023-upgrade-php8-1-cliamazon-linux-2023-upgrade-php8-1-cli-debuginfoamazon-linux-2023-upgrade-php8-1-commonamazon-linux-2023-upgrade-php8-1-common-debuginfoamazon-linux-2023-upgrade-php8-1-dbaamazon-linux-2023-upgrade-php8-1-dba-debuginfoamazon-linux-2023-upgrade-php8-1-dbgamazon-linux-2023-upgrade-php8-1-dbg-debuginfoamazon-linux-2023-upgrade-php8-1-debuginfoamazon-linux-2023-upgrade-php8-1-debugsourceamazon-linux-2023-upgrade-php8-1-develamazon-linux-2023-upgrade-php8-1-embeddedamazon-linux-2023-upgrade-php8-1-embedded-debuginfoamazon-linux-2023-upgrade-php8-1-enchantamazon-linux-2023-upgrade-php8-1-enchant-debuginfoamazon-linux-2023-upgrade-php8-1-ffiamazon-linux-2023-upgrade-php8-1-ffi-debuginfoamazon-linux-2023-upgrade-php8-1-fpmamazon-linux-2023-upgrade-php8-1-fpm-debuginfoamazon-linux-2023-upgrade-php8-1-gdamazon-linux-2023-upgrade-php8-1-gd-debuginfoamazon-linux-2023-upgrade-php8-1-gmpamazon-linux-2023-upgrade-php8-1-gmp-debuginfoamazon-linux-2023-upgrade-php8-1-intlamazon-linux-2023-upgrade-php8-1-intl-debuginfoamazon-linux-2023-upgrade-php8-1-ldapamazon-linux-2023-upgrade-php8-1-ldap-debuginfoamazon-linux-2023-upgrade-php8-1-mbstringamazon-linux-2023-upgrade-php8-1-mbstring-debuginfoamazon-linux-2023-upgrade-php8-1-mysqlndamazon-linux-2023-upgrade-php8-1-mysqlnd-debuginfoamazon-linux-2023-upgrade-php8-1-odbcamazon-linux-2023-upgrade-php8-1-odbc-debuginfoamazon-linux-2023-upgrade-php8-1-opcacheamazon-linux-2023-upgrade-php8-1-opcache-debuginfoamazon-linux-2023-upgrade-php8-1-pdoamazon-linux-2023-upgrade-php8-1-pdo-debuginfoamazon-linux-2023-upgrade-php8-1-pgsqlamazon-linux-2023-upgrade-php8-1-pgsql-debuginfoamazon-linux-2023-upgrade-php8-1-processamazon-linux-2023-upgrade-php8-1-process-debuginfoamazon-linux-2023-upgrade-php8-1-soapamazon-linux-2023-upgrade-php8-1-soap-debuginfoamazon-linux-2023-upgrade-php8-1-tidyamazon-linux-2023-upgrade-php8-1-tidy-debuginfoamazon-linux-2023-upgrade-php8-1-xmlamazon-linux-2023-upgrade-php8-1-xml-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.