CVE-2022-31625
published 2022-06-16CVE-2022-31625: In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the…
PriorityP346high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
3.44%
87.5th percentile
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | php7.4 | < php7.4 7.4.30-1+deb11u1 (bullseye) | php7.4 7.4.30-1+deb11u1 (bullseye) |
| msrc | cbl2_php_on_cbl_mariner_2.0 | — | — |
| paloalto | pan-os | — | — |
| php | php | >= 7.4.0 < 7.4.30 | 7.4.30 |
| php | php | >= 8.0.0 < 8.0.20 | 8.0.20 |
| php | php | >= 8.1.0 < 8.1.7 | 8.1.7 |
| php_group | php | >= 7.4.X < 7.4.30 | 7.4.30 |
| php_group | php | >= 8.0.X < 8.0.20 | 8.0.20 |
| php_group | php | >= 8.1.X < 8.1.7 | 8.1.7 |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.1HIGH
vendor_debian8.1HIGH
vendor_msrc8.1HIGH
vendor_redhat8.1HIGH
vendor_ubuntu8.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
php7.2 regression
osv·2022-07-07·CVSS 8.1
CVE-2022-31625 [HIGH] php7.2 regression
php7.2 regression
USN-5479-1 fixed vulnerabilities in PHP. Unfortunately that update for
CVE-2022-31625 was incomplete for Ubuntu 18.04 LTS. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)
Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2022-31626)
OSV
php7.0 vulnerabilities
osv·2022-07-04·CVSS 8.1
CVE-2022-31625 [HIGH] php7.0 vulnerabilities
php7.0 vulnerabilities
USN-5479-1 fixed vulnerabilities in PHP. This update provides the
corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)
Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2022-31626)
GHSA
GHSA-wg63-8xjw-5wvx: In PHP versions 7
ghsa_unreviewed·2022-06-17
CVE-2022-31625 [CRITICAL] CWE-763 GHSA-wg63-8xjw-5wvx: In PHP versions 7
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
OSV
CVE-2022-31625: In PHP versions 7
osv·2022-06-16·CVSS 8.1
CVE-2022-31625 [HIGH] CVE-2022-31625: In PHP versions 7
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
OSV
php7.2, php7.4, php8.0, php8.1 vulnerabilities
osv·2022-06-15·CVSS 8.1
CVE-2022-31625 [HIGH] php7.2, php7.4, php8.0, php8.1 vulnerabilities
php7.2, php7.4, php8.0, php8.1 vulnerabilities
Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)
Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2022-31626)
CISA ICS
Festo Didactic SE MES PC
cisa_ics·2026-01-27·CVSS 7.5
[HIGH] Festo Didactic SE MES PC
ICS Advisory
##
Festo Didactic SE MES PC
Release DateJanuary 27, 2026
Alert CodeICSA-26-027-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## Summary
MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time to time, vulnerabilities in these applications are discovered. These are fixed in newer versions of XAMPP by updating the bundled applications. MES PCs shipped with Windows 10 include a copy of XAMPP which contains around 140 such vulnerabilities listed in this advisory. They can be fixed by replacing XAMPP with Festo Didactic's Factory Control Panel application.
The
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-02-14·CVSS 9.8
CVE-2017-18342 [CRITICAL] PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2017-18342, CVE-2017-8923, CVE-2017-9120, CVE-2019-1551, CVE-2019-16865, CVE-2019-16905, CVE-2019-19523, CVE-2019-19528, CVE-2019-19911, CVE-2020-0404, CVE-2020-0431, CVE-2020-0466, CVE-2020-10379, CVE-2020-11538, CVE-2020-11608, CVE-2020-12114, CVE-2020-12321, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-13757, CVE-2020-14314, CVE-2020-14351, CVE-2020-15778, CVE-2020-1967, CVE-2020-24394, CVE-2020-24504, CVE-2020-25211, CVE-2020-25212, CVE-2020-25284, CVE-2020-25285, CVE-2020-25717, CVE-2020-26541, CVE-2020-2715
Ubuntu
PHP regression
vendor_ubuntu·2022-07-07·CVSS 8.1
CVE-2022-31625 [HIGH] PHP regression
Title: PHP regression
Summary: USN-5479-1 was incomplete and didn't properly fix one of the addressed
issues.
USN-5479-1 fixed vulnerabilities in PHP. Unfortunately that update for
CVE-2022-31625 was incomplete for Ubuntu 18.04 LTS. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)
Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbi
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2022-07-04·CVSS 8.1
CVE-2022-31626 [HIGH] PHP vulnerabilities
Title: PHP vulnerabilities
Summary: Several security issues were fixed in PHP.
USN-5479-1 fixed vulnerabilities in PHP. This update provides the
corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)
Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2022-31626)
Instructions: In general, a standard system update will make all the necessary cha
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2022-06-15·CVSS 8.1
CVE-2022-31626 [HIGH] PHP vulnerabilities
Title: PHP vulnerabilities
Summary: Several security issues were fixed in PHP.
Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)
Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2022-31626)
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
Freeing unallocated memory in php_pgsql_free_params()
vendor_msrc·2022-06-14·CVSS 8.1
CVE-2022-31625 [HIGH] CWE-590 Freeing unallocated memory in php_pgsql_free_params()
Freeing unallocated memory in php_pgsql_free_params()
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
php: php
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.micro
Red Hat
php: Uninitialized array in pg_query_params() leading to RCE
vendor_redhat·2022-05-16·CVSS 8.1
CVE-2022-31625 [HIGH] CWE-824 php: Uninitialized array in pg_query_params() leading to RCE
php: Uninitialized array in pg_query_params() leading to RCE
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
A vulnerability was found in PHP due to an uninitialized array in pg_query_params() function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote attacker with the ability to control query parameters to execute arbitrary code on the system or may cause a denial of serv
Debian
CVE-2022-31625: php7.4 - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, w...
vendor_debian·2022·CVSS 8.1
CVE-2022-31625 [HIGH] CVE-2022-31625: php7.4 - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, w...
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
Scope: local
bullseye: resolved (fixed in 7.4.30-1+deb11u1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugs.php.net/bug.php?id=81720https://lists.debian.org/debian-lts-announce/2022/12/msg00030.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/https://security.gentoo.org/glsa/202209-20https://security.netapp.com/advisory/ntap-20220722-0005/https://www.debian.org/security/2022/dsa-5179https://bugs.php.net/bug.php?id=81720https://lists.debian.org/debian-lts-announce/2022/12/msg00030.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/https://security.gentoo.org/glsa/202209-20https://security.netapp.com/advisory/ntap-20220722-0005/https://www.debian.org/security/2022/dsa-5179
2022-06-16
Published