VYPR
High severity8.1NVD Advisory· Published Jun 16, 2022· Updated Jun 17, 2026

CVE-2022-31625

CVE-2022-31625

Description

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

94

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.