Innovate faster and cut risk with PHP experts from Zend Services.
See How Zend Helps Leading Hosting Providers Keep Their Managed Sites on Secure PHP
Learn PHP from PHP experts with free, on-demand, and instructor led courses.
Submit support requests and browse self-service resources.
XML eXternal Entity injection
XML External Entity vector
Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
Denial of Service
DOS vulnerability when parsing multipart request body
CVE-2022-31631 php: PDO::quote() may return unquoted string due to an integer overflow
CVE-2022-31630 php: OOB read due to insufficient input validation in imageloadfont()
CVE-2022-31628 php: phar wrapper can produce a denial of service when using quine gzip file
Cross-Site Request Forgery
CVE-2022-31629 php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications
CVE-2022-31627 php: heap buffer overflow in finfo_buffer
Remote Code Execution
CVE-2022-31625 php: uninitialized array in pg_query_params() leading to RCE
CVE-2022-31626 php: password of excessive length triggers buffer overflow leading to RCE