{"api_version":"1","generated_at":"2026-04-23T02:37:44+00:00","cve":"CVE-2022-31625","urls":{"html":"https://cve.report/CVE-2022-31625","api":"https://cve.report/api/cve/CVE-2022-31625.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-31625","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-31625"},"summary":{"title":"CVE-2022-31625","description":"In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.","state":"PUBLIC","assigner":"security@php.net","published_at":"2022-06-16 06:15:00","updated_at":"2023-11-07 03:47:00"},"problem_types":["CWE-763"],"metrics":[],"references":[{"url":"https://security.gentoo.org/glsa/202209-20","name":"GLSA-202209-20","refsource":"GENTOO","tags":[],"title":"PHP: Multiple Vulnerabilities (GLSA 202209-20) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugs.php.net/bug.php?id=81720","name":"https://bugs.php.net/bug.php?id=81720","refsource":"MISC","tags":[],"title":"PHP :: Sec Bug #81720 :: Uninitialized array in pg_query_params() leading to RCE","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20220722-0005/","name":"https://security.netapp.com/advisory/ntap-20220722-0005/","refsource":"CONFIRM","tags":[],"title":"July 2022 PHP Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/","name":"FEDORA-2022-f3fc52428e","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: php-8.1.7-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2022/dsa-5179","name":"DSA-5179","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5179-1 php7.4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/","name":"FEDORA-2022-f3fc52428e","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: php-8.1.7-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/","name":"FEDORA-2022-0a96e5b9b1","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: php-8.0.20-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/","name":"FEDORA-2022-0a96e5b9b1","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: php-8.0.20-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html","name":"[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3243-1] php7.3 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-31625","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31625","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"c dot fol at ambionics dot io","lang":""}],"nvd_cpes":[{"cve_year":"2022","cve_id":"31625","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"31625","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"31625","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-31625","qid":"150542","title":"PHP Multiple Remote Code Execution Vulnerabilities (CVE-2022-31626,CVE-2022-31625)"},{"cve":"CVE-2022-31625","qid":"160066","title":"Oracle Enterprise Linux Security Update for php:7.4 (ELSA-2022-6158)"},{"cve":"CVE-2022-31625","qid":"160246","title":"Oracle Enterprise Linux Security Update for php:8.0 (ELSA-2022-7624)"},{"cve":"CVE-2022-31625","qid":"160289","title":"Oracle Enterprise Linux Security Update for Hypertext Preprocessor (PHP) (ELSA-2022-8197)"},{"cve":"CVE-2022-31625","qid":"180815","title":"Debian Security Update for php7.4 (DSA 5179-1)"},{"cve":"CVE-2022-31625","qid":"181332","title":"Debian Security Update for php7.3 (DLA 3243-1)"},{"cve":"CVE-2022-31625","qid":"198831","title":"Ubuntu Security Notification for Hypertext Preprocessor (PHP) Vulnerabilities (USN-5479-1)"},{"cve":"CVE-2022-31625","qid":"240535","title":"Red Hat Update for rh-php73-php (RHSA-2022:5491)"},{"cve":"CVE-2022-31625","qid":"240623","title":"Red Hat Update for php:7.4 (RHSA-2022:6158)"},{"cve":"CVE-2022-31625","qid":"240853","title":"Red Hat Update for php:8.0 security (RHSA-2022:7624)"},{"cve":"CVE-2022-31625","qid":"240866","title":"Red Hat Update for Hypertext Preprocessor (PHP) security (RHSA-2022:8197)"},{"cve":"CVE-2022-31625","qid":"282833","title":"Fedora Security Update for Hypertext Preprocessor (PHP) (FEDORA-2022-f3fc52428e)"},{"cve":"CVE-2022-31625","qid":"282834","title":"Fedora Security Update for Hypertext Preprocessor (PHP) (FEDORA-2022-0a96e5b9b1)"},{"cve":"CVE-2022-31625","qid":"296084","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 50.126.3 Missing (CPUOCT2022)"},{"cve":"CVE-2022-31625","qid":"356076","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.0-2023-006"},{"cve":"CVE-2022-31625","qid":"356087","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALASPHP8.0-2023-006"},{"cve":"CVE-2022-31625","qid":"356771","title":"Amazon Linux Security Advisory for Hypertext Preprocessor (PHP) : ALAS2-2023-2375"},{"cve":"CVE-2022-31625","qid":"377358","title":"Alibaba Cloud Linux Security Update for php:7.4 (ALINUX3-SA-2022:0157)"},{"cve":"CVE-2022-31625","qid":"38872","title":"Multiple Vulnerabilities in Hypertext Preprocessor (PHP)"},{"cve":"CVE-2022-31625","qid":"38883","title":"Hypertext Preprocessor (PHP) Multiple Security Vulnerabilities (81719, 81720)"},{"cve":"CVE-2022-31625","qid":"502333","title":"Alpine Linux Security Update for php81"},{"cve":"CVE-2022-31625","qid":"502516","title":"Alpine Linux Security Update for php7"},{"cve":"CVE-2022-31625","qid":"502517","title":"Alpine Linux Security Update for php8"},{"cve":"CVE-2022-31625","qid":"502567","title":"Alpine Linux Security Update for php7"},{"cve":"CVE-2022-31625","qid":"502574","title":"Alpine Linux Security Update for php8"},{"cve":"CVE-2022-31625","qid":"502912","title":"Alpine Linux Security Update for php81"},{"cve":"CVE-2022-31625","qid":"503680","title":"Alpine Linux Security Update for php8"},{"cve":"CVE-2022-31625","qid":"505791","title":"Alpine Linux Security Update for php81"},{"cve":"CVE-2022-31625","qid":"672018","title":"EulerOS Security Update for Hypertext Preprocessor (PHP) (EulerOS-SA-2022-2229)"},{"cve":"CVE-2022-31625","qid":"710633","title":"Gentoo Linux Hypertext Preprocessor (PHP) Multiple Vulnerabilities (GLSA 202209-20)"},{"cve":"CVE-2022-31625","qid":"752263","title":"SUSE Enterprise Linux Security Update for php74 (SUSE-SU-2022:2161-1)"},{"cve":"CVE-2022-31625","qid":"752270","title":"SUSE Enterprise Linux Security Update for php72 (SUSE-SU-2022:2183-1)"},{"cve":"CVE-2022-31625","qid":"752271","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:2185-1)"},{"cve":"CVE-2022-31625","qid":"752289","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:2275-1)"},{"cve":"CVE-2022-31625","qid":"752863","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:3997-1)"},{"cve":"CVE-2022-31625","qid":"752878","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4067-1)"},{"cve":"CVE-2022-31625","qid":"752898","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4069-1)"},{"cve":"CVE-2022-31625","qid":"752901","title":"SUSE Enterprise Linux Security Update for php74 (SUSE-SU-2022:4068-1)"},{"cve":"CVE-2022-31625","qid":"753278","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:2292-1)"},{"cve":"CVE-2022-31625","qid":"753350","title":"SUSE Enterprise Linux Security Update for php8 (SUSE-SU-2022:2303-1)"},{"cve":"CVE-2022-31625","qid":"902355","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for Hypertext Preprocessor (PHP) (9943)"},{"cve":"CVE-2022-31625","qid":"940643","title":"AlmaLinux Security Update for php:7.4 (ALSA-2022:6158)"},{"cve":"CVE-2022-31625","qid":"940757","title":"AlmaLinux Security Update for php:8.0 (ALSA-2022:7624)"},{"cve":"CVE-2022-31625","qid":"940810","title":"AlmaLinux Security Update for Hypertext Preprocessor (PHP) (ALSA-2022:8197)"},{"cve":"CVE-2022-31625","qid":"960326","title":"Rocky Linux Security Update for php:7.4 (RLSA-2022:6158)"},{"cve":"CVE-2022-31625","qid":"960472","title":"Rocky Linux Security Update for Hypertext Preprocessor (PHP) (RLSA-2022:8197)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@php.net","DATE_PUBLIC":"2022-06-06T07:00:00.000Z","ID":"CVE-2022-31625","STATE":"PUBLIC","TITLE":"Freeing unallocated memory in php_pgsql_free_params()"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_affected":"<","version_name":"7.4.X","version_value":"7.4.30"},{"version_affected":"<","version_name":"8.0.X","version_value":"8.0.20"},{"version_affected":"<","version_name":"8.1.X","version_value":"8.1.7"}]}}]},"vendor_name":"PHP Group"}]}},"configuration":[{"lang":"eng","value":"pgsql extension enabled"}],"credit":[{"lang":"eng","value":"c dot fol at ambionics dot io"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-590 Free of Memory not on the Heap"}]},{"description":[{"lang":"eng","value":"CWE-824 Access of Uninitialized Pointer"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://bugs.php.net/bug.php?id=81720","name":"https://bugs.php.net/bug.php?id=81720"},{"refsource":"FEDORA","name":"FEDORA-2022-0a96e5b9b1","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/"},{"refsource":"FEDORA","name":"FEDORA-2022-f3fc52428e","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/"},{"refsource":"DEBIAN","name":"DSA-5179","url":"https://www.debian.org/security/2022/dsa-5179"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20220722-0005/","url":"https://security.netapp.com/advisory/ntap-20220722-0005/"},{"refsource":"GENTOO","name":"GLSA-202209-20","url":"https://security.gentoo.org/glsa/202209-20"},{"refsource":"MLIST","name":"[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html"}]},"source":{"defect":["https://bugs.php.net/bug.php?id=81720"],"discovery":"EXTERNAL"}},"nvd":{"publishedDate":"2022-06-16 06:15:00","lastModifiedDate":"2023-11-07 03:47:00","problem_types":["CWE-763"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.20","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.30","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}