• Home

    Email

    Github

    Donate

  • jamesbrine.com.au

CVE-2022-31631 Information

Feb 13, 2025 cve

Description

In PHP versions 8.0. before 8.0.27 8.1. before 8.1.15 8.2. before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite supplying an overly long string may cause the driver to incorrectly quote the data which may further lead to SQL injection vulnerabilities.

Reference

https://bugs.php.net/bug.php?id=81740 https://security.netapp.com/advisory/ntap-20230223-0007/

  • 𝖏𝖆𝖒𝖊𝖘𝖇𝖗𝖎𝖓𝖊.𝖈𝖔𝖒.𝖆𝖚