SecuritySpace - CVE-2022-31630

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2022-31630

Description: In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2022-31630
https://bugs.php.net/bug.php?id=81739
https://bugs.php.net/bug.php?id=81739

CVE ID:	CVE-2022-31630
Description:	In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2022-31630 https://bugs.php.net/bug.php?id=81739 https://bugs.php.net/bug.php?id=81739