CVE-2022-31627 php: heap buffer overflow in finfo_buffer

Publication Date2022-07-08
TypeInformation Disclosure
Affected PHP Versions
  • 8.1.0 - 8.1.7
Fixed Product Versions
  • ZendPHP 8.1

CVE Details

A memory corruption issue in the finfo_buffer() function can lead to a heap buffer overflow, leading to information disclosure or denial of service.


If you are on PHP 8.1 and use the fileinfo extension, you should upgrade to 8.1.8 or later.