vulnerability
Oracle Linux: CVE-2022-37454: ELSA-2023-0848: php:8.0 security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:H/Au:N/C:C/I:C/A:C) | Oct 20, 2022 | Feb 23, 2023 | Apr 30, 2025 |
Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
Oct 20, 2022
Added
Feb 23, 2023
Modified
Apr 30, 2025
Description
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
A flaw was found in the Keccak XKCP SHA-3 reference implementation. The sponge function interface allows partial input data to be processed, and partial output to be produced. When at least one of these has a length of 4294967096 bytes or more, it can result in elimination of cryptographic properties, execution of arbitrary code, or a denial of service.
A flaw was found in the Keccak XKCP SHA-3 reference implementation. The sponge function interface allows partial input data to be processed, and partial output to be produced. When at least one of these has a length of 4294967096 bytes or more, it can result in elimination of cryptographic properties, execution of arbitrary code, or a denial of service.
Solution(s)
oracle-linux-upgrade-apcu-paneloracle-linux-upgrade-libziporacle-linux-upgrade-libzip-develoracle-linux-upgrade-libzip-toolsoracle-linux-upgrade-phporacle-linux-upgrade-php-bcmathoracle-linux-upgrade-php-clioracle-linux-upgrade-php-commonoracle-linux-upgrade-php-dbaoracle-linux-upgrade-php-dbgoracle-linux-upgrade-php-develoracle-linux-upgrade-php-embeddedoracle-linux-upgrade-php-enchantoracle-linux-upgrade-php-ffioracle-linux-upgrade-php-fpmoracle-linux-upgrade-php-gdoracle-linux-upgrade-php-gmporacle-linux-upgrade-php-intloracle-linux-upgrade-php-jsonoracle-linux-upgrade-php-ldaporacle-linux-upgrade-php-mbstringoracle-linux-upgrade-php-mysqlndoracle-linux-upgrade-php-odbcoracle-linux-upgrade-php-opcacheoracle-linux-upgrade-php-pdooracle-linux-upgrade-php-pearoracle-linux-upgrade-php-pecl-apcuoracle-linux-upgrade-php-pecl-apcu-develoracle-linux-upgrade-php-pecl-rrdoracle-linux-upgrade-php-pecl-xdebugoracle-linux-upgrade-php-pecl-xdebug3oracle-linux-upgrade-php-pecl-ziporacle-linux-upgrade-php-pgsqloracle-linux-upgrade-php-processoracle-linux-upgrade-php-snmporacle-linux-upgrade-php-soaporacle-linux-upgrade-php-xmloracle-linux-upgrade-php-xmlrpc
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.