CVE-2022-31629
published 2024-04-29CVE-2022-31629: Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure…
PriorityP348medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
EPSS
49.34%
98.7th percentile
Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | php7.4 | < php7.4 7.4.33-1+deb11u1 (bullseye) | php7.4 7.4.33-1+deb11u1 (bullseye) |
| debian | php7.4 | < php7.4 7.4.33-1+deb11u5 (bullseye) | php7.4 7.4.33-1+deb11u5 (bullseye) |
| debian | php8.2 | < php7.4 7.4.33-1+deb11u5 (bullseye) | php7.4 7.4.33-1+deb11u5 (bullseye) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | azl3_php_8.3.12-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_php_8.1.22-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_php_8.1.28-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_php_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| php | php | < 7.4.31 | 7.4.31 |
| php | php | >= 8.0.0 < 8.0.24 | 8.0.24 |
| php | php | >= 8.1.0 < 8.1.11 | 8.1.11 |
| php_group | php | >= 8.1.* < 8.1.28 | 8.1.28 |
| php_group | php | >= 8.2.* < 8.2.18 | 8.2.18 |
| php_group | php | >= 8.3.* < 8.3.5 | 8.3.5 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_msrc6.5MEDIUM
vendor_oracle6.5MEDIUM
vendor_redhat6.5MEDIUM
vendor_ubuntu2.3LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2024-2756: Due to an incomplete fix to CVE-2022-31629 https://github
osv·2024-04-29·CVSS 6.5
CVE-2024-2756 [MEDIUM] CVE-2024-2756: Due to an incomplete fix to CVE-2022-31629 https://github
Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications.
OSV
php7.0 vulnerabilities
osv·2023-03-02·CVSS 5.5
CVE-2022-31628 [MEDIUM] php7.0 vulnerabilities
php7.0 vulnerabilities
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)
It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise data integrity.
(CVE-2022-31629)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-31631)
It was discovered that PHP incorrectly handled resolving long paths. A
remote attacker could possibly use this issue to obtain or modify sensitive
information. (CVE-2023-0568)
It was discovered that PHP incorrectly handled a large number of field and file
parts in HTTP form uploads. A remote atta
OSV
php7.2, php7.4, php8.1 vulnerabilities
osv·2022-11-08·CVSS 5.5
CVE-2022-31628 [MEDIUM] php7.2, php7.4, php8.1 vulnerabilities
php7.2, php7.4, php8.1 vulnerabilities
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)
It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise the data
(CVE-2022-31629)
It was discovered that PHP incorrectly handled certain image fonts.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS.
(CVE-2022-31630)
Nicky Mouha discovered that PHP incorrectly handled certain SHA-3 operations.
An attacker could possibly use this issue to cause a crash
or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS,
Ubuntu 22
GHSA
GHSA-c43m-486j-j32p: In PHP versions before 7
ghsa_unreviewed·2022-09-29
CVE-2022-31629 [MEDIUM] CWE-1284 GHSA-c43m-486j-j32p: In PHP versions before 7
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
OSV
CVE-2022-31629: In PHP versions before 7
osv·2022-09-28·CVSS 6.5
CVE-2022-31629 [MEDIUM] CVE-2022-31629: In PHP versions before 7
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CISA ICS
Festo Didactic SE MES PC
cisa_ics·2026-01-27·CVSS 7.5
[HIGH] Festo Didactic SE MES PC
ICS Advisory
##
Festo Didactic SE MES PC
Release DateJanuary 27, 2026
Alert CodeICSA-26-027-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## Summary
MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time to time, vulnerabilities in these applications are discovered. These are fixed in newer versions of XAMPP by updating the bundled applications. MES PCs shipped with Windows 10 include a copy of XAMPP which contains around 140 such vulnerabilities listed in this advisory. They can be fixed by replacing XAMPP with Festo Didactic's Factory Control Panel application.
The
Red Hat
php: host/secure cookie bypass due to partial CVE-2022-31629 fix
vendor_redhat·2024-04-12·CVSS 6.5
CVE-2024-2756 [MEDIUM] CWE-20 php: host/secure cookie bypass due to partial CVE-2022-31629 fix
php: host/secure cookie bypass due to partial CVE-2022-31629 fix
Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications.
An improper input validation vulnerability was found in PHP. Due to an incomplete fix to CVE-2022-31629, network and same-site attackers can set a standard insecure cookie in the victim's browser.
Statement: The vulnerability in PHP, where an insecure cookie is misinterpreted as a __Host- or __Secure- cookie due to the incomplete fix for CVE-2022-31629, poses a moderate severity risk. While it allows attackers to set cookies with misleading prefixes, bypassing some cooki
Microsoft
__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
vendor_msrc·2024-04-09·CVSS 6.5
CVE-2024-2756 [MEDIUM] CWE-20 __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
php: php
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https:/
Debian
CVE-2024-2756: php7.4 - Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c...
vendor_debian·2024·CVSS 6.5
CVE-2024-2756 [MEDIUM] CVE-2024-2756: php7.4 - Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c...
Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications.
Scope: local
bullseye: resolved (fixed in 7.4.33-1+deb11u5)
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2023-03-02·CVSS 2.3
CVE-2023-0568 [LOW] PHP vulnerabilities
Title: PHP vulnerabilities
Summary: Several security issues were fixed in PHP.
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)
It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise data integrity.
(CVE-2022-31629)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-31631)
It was discovered that PHP incorrectly handled resolving long paths. A
remote attacker could possibly use this issue to obtain or modify sensitive
information. (CVE-2023-0568)
It was discovered that PHP incorrectly handled a large number of
Oracle
Oracle Oracle Communications Risk Matrix: Platform (PHP) — CVE-2022-31629
vendor_oracle·2023-01-15·CVSS 6.5
CVE-2022-31629 [MEDIUM] Oracle Oracle Communications Risk Matrix: Platform (PHP) — CVE-2022-31629
Oracle Oracle Communications Risk Matrix: Platform (PHP) vulnerability
CVE: CVE-2022-31629
CVSS: 6.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpujan2023 (JAN 2023)
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2022-11-08·CVSS 2.3
CVE-2022-31630 [LOW] PHP vulnerabilities
Title: PHP vulnerabilities
Summary: Several security issues were fixed in PHP.
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)
It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise the data
(CVE-2022-31629)
It was discovered that PHP incorrectly handled certain image fonts.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS.
(CVE-2022-31630)
Nicky Mouha discovered that PHP incorrectly handled certain SHA-3 operations.
An attacker could possibly use this issue to cause a crash
or execute arbitrary code. This issue
Red Hat
php: standard insecure cookie could be treated as a '__Host-' or '__Secure-' cookie by PHP applications
vendor_redhat·2022-09-29·CVSS 6.5
CVE-2022-31629 [MEDIUM] CWE-20 php: standard insecure cookie could be treated as a '__Host-' or '__Secure-' cookie by PHP applications
php: standard insecure cookie could be treated as a '__Host-' or '__Secure-' cookie by PHP applications
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
A vulnerability was found in PHP due to the way PHP handles HTTP variable names. It interferes with HTTP variable names that clash with ones that have a specific semantic meaning. This vulnerability allows network and same-site attackers to set a standard insecure cookie in the victim's browser, which is treated as a `__Host-` or `__Secure-` cookie by PHP applications, posing a threat to data integrity.
Package: php (Red Hat Enterprise Linux 6) - O
Microsoft
$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
vendor_msrc·2022-09-13·CVSS 6.5
CVE-2022-31629 [MEDIUM] CWE-20 $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
php: php
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Referen
Debian
CVE-2022-31629: php7.4 - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables netw...
vendor_debian·2022·CVSS 6.5
CVE-2022-31629 [MEDIUM] CVE-2022-31629: php7.4 - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables netw...
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Scope: local
bullseye: resolved (fixed in 7.4.33-1+deb11u1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.openwall.com/lists/oss-security/2024/04/12/11https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4https://lists.debian.org/debian-lts-announce/2024/05/msg00005.htmlhttps://security.netapp.com/advisory/ntap-20240510-0008/http://www.openwall.com/lists/oss-security/2024/04/12/11https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4https://lists.debian.org/debian-lts-announce/2024/05/msg00005.htmlhttps://lists.fedoraproject.org/archives/list/[email protected]/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/https://lists.fedoraproject.org/archives/list/[email protected]/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/https://security.netapp.com/advisory/ntap-20240510-0008/
2024-04-29
Published