PT-2022-6595 · Php+5

Dhananjay Arunesh · Published 2022-07-13 · Updated 2025-08-11 · CVE-2022-4900

CVSS v3.1: 6.2 (Medium)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

PHP (affected versions not specified)

Description

A heap buffer overflow issue was discovered in PHP. This occurs when the PHP_CLI_SERVER_WORKERS environment variable is set to a large value. The vulnerability is related to the php_cli_server_startup_workers function in the sapi/cli/php_cli_server.c file of the PHP interpreter. Exploitation of this issue may allow an attacker to cause a denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-02666
BIT-LIBPHP-2022-4900
BIT-PHP-2022-4900
BIT-PHP-MIN-2022-4900
CESA-2023_0848
CVE-2022-4900
DLA-3920-1
RHSA-2023:0848
RHSA-2023_0848
ROSA-SA-2025-2570
SUSE-SU-2023:1583-1
SUSE-SU-2023:1846-1
SUSE-SU-2023:1847-1
SUSE-SU-2023_1846-1
SUSE-SU-2023_1847-1
USN-6757-1
USN-6757-2

Affected Products

CentOS
Linux Mint
PHP
Red Hat
SUSE
Ubuntu