A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2022-4900 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2179880 | Issue Tracking |
https://security.netapp.com/advisory/ntap-20231130-0008/ |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
30 Nov 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Nov 2023, 17:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2179880 - Issue Tracking | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2022-4900 - Vendor Advisory | |
CPE | cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:8.0.0:-:*:*:*:*:*:* cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:7.4.0:-:*:*:*:*:*:* cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:* cpe:2.3:a:php:php:8.1.0:-:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-787 | |
First Time |
Php
Redhat linux Redhat Redhat software Collections Php php |
02 Nov 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-02 16:15
Updated : 2023-12-10 15:14
NVD link : CVE-2022-4900
Mitre link : CVE-2022-4900
CVE.ORG link : CVE-2022-4900
JSON object : View
Products Affected
redhat
- linux
- software_collections
php
- php