Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability - CVE-2022-31626 - Vulnerability Database
PHP

PHP Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability - CVE-2022-31626

High
Reference: CVE-2022-31626
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-31626
Title: PHP Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability
Overview:

In PHP versions 7.4.x below 7.4.30 8.0.x below 8.0.20 and 8.1.x below 8.1.7 when pdo_mysql extension with mysqlnd driver if the third party is allowed to supply host to connect to and the password for the connection password of excessive length can trigger a buffer overflow in PHP which can lead to a remote code execution vulnerability.