CVE-2022-31627 Information

Description

In PHP versions 8.1.x below 8.1.8 when fileinfo functions such as finfo_buffer due to incorrect patch applied to the third party code from libmagic incorrect function may be used to free allocated memory which may lead to heap corruption.

Reference

https://bugs.php.net/bug.php?id=81723