Detections
Analytics

CVE-2022-31631

medium

Description

A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place. (CVE-2022-31631)

Details

Source: Mitre, NVD

Published: 2023-09-14

Risk Information

CVSS v2

Base Score: 5.9

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:P

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: Medium