MGASA-2022-0234

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2022-31625 CVE-2022-31626

Published: 18 Jun 2022, 21:30

Last modified:16 Apr 2026, 04:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Jun 2022, 21:30

Published

Vulnerability first disclosed

16 Apr 2026, 04:23

Last Modified

Vulnerability information updated

Description

Updated php packages fix security vulnerability CLI -Fixed bug #8575 (CLI closes standard streams too early). Core -Fixed Haiku ZTS builds. Date -Fixed bug #8471 (Segmentation fault when converting immutable and mutable DateTime instances created using reflection). php-fpm - Fixed bug #72185 writes empty fcgi record causing nginx 502. Mysqlnd - Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626) OPcache - Fixed bug #8466 (ini_get() is optimized out when the option does not exist). Pcntl - Fixed Haiku build. Pgsql - Fixed bug #81720: Uninitialized array in pg_query_params(). (CVE-2022-31625) Soap - Fixed bug #8578 (Error on wrong parameter on SoapHeader constructor). Fixed bug #8538 (SoapClient may strip parts of nmtokens). SPL - Fixed bug #8235 (iterator_count() may run indefinitely). Zip - Fixed type for index in ZipArchive::replaceFile.

Affected Systems

mageia•php
< 8.0.20-3.mga8

MGASA-2022-0234

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)