First published: Tue Nov 08 2022(Updated: )
It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31628) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data (CVE-2022-31629) It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-31630) Nicky Mouha discovered that PHP incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-37454)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/php8.1-cli | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/php8.1 | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/libapache2-mod-php7.4 | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/libapache2-mod-php8.0 | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/libapache2-mod-php8.1 | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/php8.1-zip | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/php8.1-cgi | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
Ubuntu Ubuntu | =22.10 | |
All of | ||
ubuntu/php8.1-cli | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/php8.1 | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libapache2-mod-php7.4 | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libapache2-mod-php8.0 | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libapache2-mod-php8.1 | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/php8.1-zip | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/php8.1-cgi | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libapache2-mod-php7.4 | <7.4.3-4ubuntu2.15 | 7.4.3-4ubuntu2.15 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/php7.4-zip | <7.4.3-4ubuntu2.15 | 7.4.3-4ubuntu2.15 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/php7.4-cgi | <7.4.3-4ubuntu2.15 | 7.4.3-4ubuntu2.15 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/php7.4 | <7.4.3-4ubuntu2.15 | 7.4.3-4ubuntu2.15 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/php7.4-cli | <7.4.3-4ubuntu2.15 | 7.4.3-4ubuntu2.15 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/php7.2-cli | <7.2.24-0ubuntu0.18.04.15 | 7.2.24-0ubuntu0.18.04.15 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/php7.2 | <7.2.24-0ubuntu0.18.04.15 | 7.2.24-0ubuntu0.18.04.15 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/libapache2-mod-php7.2 | <7.2.24-0ubuntu0.18.04.15 | 7.2.24-0ubuntu0.18.04.15 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/php7.2-cgi | <7.2.24-0ubuntu0.18.04.15 | 7.2.24-0ubuntu0.18.04.15 |
Ubuntu Ubuntu | =18.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The vulnerability ID for this PHP vulnerability is CVE-2022-31628.
The PHP vulnerability CVE-2022-31628 can allow an attacker to cause a denial of service.
To fix the PHP vulnerability CVE-2022-31628, you should update to version 8.1.7-1ubuntu3.1 of the PHP package.
The PHP vulnerability CVE-2022-31628 affects Ubuntu versions 22.10, 22.04, 20.04, and 18.04.
You can find more information about the PHP vulnerability CVE-2022-31628 at the following link: [CVE-2022-31628](https://ubuntu.com/security/CVE-2022-31628)