Announcing Incident Command! The AI powered Next-Gen SIEMLearn more.

vulnerability

PHP Vulnerability: CVE-2022-31628

Severity
1
CVSS
(AV:L/AC:L/Au:M/C:N/I:N/A:P)
Published
Sep 28, 2022
Added
Nov 2, 2022
Modified
Jul 28, 2025

Description

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Solution(s)

php-upgrade-7_4_31php-upgrade-8_0_24php-upgrade-8_1_11
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.