CVE-2022-31630

CVE-2022-31630

In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.

Source: CVE-2022-31630

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다