CVE-2022-31629
published 2024-04-29


Priority: P348
CVSS 3.1: 6.5 (medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS: 49.34% (98.7th percentile)
Due to an incomplete fix to CVE-2022-31629 (https://github.com/advisories/GHSA-c43m-486j-j32p), network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications.

Affected

22 ranges

Vendor        | Product                                   | Version range                              | Fixed in
debian        | debian_linux                              |                                            |
debian        | debian_linux                              |                                            |
debian        | php7.4                                    | < php7.4 7.4.33-1+deb11u1 (bullseye)       | php7.4 7.4.33-1+deb11u1 (bullseye)
debian        | php7.4                                    | < php7.4 7.4.33-1+deb11u5 (bullseye)       | php7.4 7.4.33-1+deb11u5 (bullseye)
debian        | php8.2                                    | < php7.4 7.4.33-1+deb11u5 (bullseye)       | php7.4 7.4.33-1+deb11u5 (bullseye)
fedoraproject | fedora                                    |                                            |
fedoraproject | fedora                                    |                                            |
fedoraproject | fedora                                    |                                            |
msrc          | azl3_php_8.3.12-1_on_azure_linux_3.0      |                                            |
msrc          | azure_linux_3.0_arm                       |                                            |
msrc          | azure_linux_3.0_x64                       |                                            |
msrc          | cbl2_php_8.1.22-2_on_cbl_mariner_2.0      |                                            |
msrc          | cbl2_php_8.1.28-1_on_cbl_mariner_2.0      |                                            |
msrc          | cbl2_php_on_cbl_mariner_2.0               |                                            |
msrc          | cbl_mariner_2.0_arm                       |                                            |
msrc          | cbl_mariner_2.0_x64                       |                                            |
php           | php                                       | < 7.4.31                                   | 7.4.31
php           | php                                       | >= 8.0.0 < 8.0.24                          | 8.0.24
php           | php                                       | >= 8.1.0 < 8.1.11                          | 8.1.11
php_group     | php                                       | >= 8.1.* < 8.1.28                          | 8.1.28
php_group     | php                                       | >= 8.2.* < 8.2.18                          | 8.2.18
php_group     | php                                       | >= 8.3.* < 8.3.5                           | 8.3.5

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.1    | 6.5   | MEDIUM   | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
osv           |         | 6.5   | MEDIUM   |
vendor_debian |         | 6.5   | MEDIUM   |
vendor_msrc   |         | 6.5   | MEDIUM   |
vendor_oracle |         | 6.5   | MEDIUM   |
vendor_redhat |         | 6.5   | MEDIUM   |
vendor_ubuntu |         | 2.3   | LOW      |