Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected VersionsFixed Products
CVE-2022-31630Moderate

Information Disclosure

CVE-2022-31630 php: OOB read due to insufficient input validation in imageloadfont()

2022-10-27

7.4.0 - 7.4.32
8.0.0 - 8.0.24
8.1.0 - 8.1.11
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 2021.3.0
CVE-2022-31628Moderate

Denial of Service

CVE-2022-31628 php: phar wrapper can produce a denial of service when using quine gzip file

2022-09-29

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.30
8.0.0 - 8.0.23
8.1.0 - 8.1.10
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.1.20
ZendServer 9.1.15
ZendServer 2019.1.2
ZendServer 2021.3.0
CVE-2022-31629Moderate

Cross-Site Request Forgery

CVE-2022-31629 php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications

2022-09-29

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.30
8.0.0 - 8.0.23
8.1.0 - 8.1.10
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.20
ZendServer 9.1.15
ZendServer 2019.1.2
ZendServer 2021.3.0
CVE-2022-31627Critical

Information Disclosure

CVE-2022-31627 php: heap buffer overflow in finfo_buffer

2022-07-08

8.1.0 - 8.1.7
ZendPHP 8.1
CVE-2022-31625High

Remote Code Execution

CVE-2022-31625 php: uninitialized array in pg_query_params() leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.19
ZendServer 9.1.14
ZendServer 2019.1.1
ZendServer 2021.2.0
CVE-2022-31626High

Remote Code Execution

CVE-2022-31626 php: password of excessive length triggers buffer overflow leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.19
ZendServer 9.1.14
ZendServer 2019.1.1
ZendServer 2021.2.0
CVE-2021-21708Moderate

Denial of Service

CVE-2021-21708 php: Use after free due to php_filter_float() failing

2022-02-17

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.27
8.0.0 - 8.0.15
8.1.0 - 8.1.2
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 9.1.13
ZendServer 2019.1.0
ZendServer 2021.1.2
CVE-2021-21707High

Information Disclosure

CVE-2021-21707 php: special character breaks path in xml parsing

2021-11-15

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.25
8.0.0 - 8.0.12
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 2021.1.1
CVE-2021-21703Critical

Privilege Escalation

CVE-2021-21703 php: Local privilege escalation via PHP-FPM

2021-10-20

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.31
7.4.0 - 7.4.24
8.0.0 - 8.0.11
ZendServer 8.5.18
CVE-2021-21702Moderate

Denial of Service

CVE-2021-21702 php: NULL pointer dereference in SoapClient

2021-01-26

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.26
7.4.0 - 7.4.14
8.0.0 - 8.0.1
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 8.5.17
ZendServer 9.1.12
ZendServer 2019.0.7
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected