recursive decompression

Laravel Tech Community

Oct 7, 2022 · Information Security

Uncontrolled Recursive Decompression Vulnerability in PHP (CVE-2022-31628)

A PHP vulnerability (CVE-2022-31628) allows uncontrolled recursive decompression of specially crafted gzip files, leading to infinite loops and resource exhaustion, affecting PHP versions 7.4.31, 8.0.0‑8.0.24, and 8.1.0‑8.1.11, and can be mitigated by upgrading to patched releases.

CVE-2022-31628Patchinformation security

0 likes · 2 min read

Uncontrolled Recursive Decompression Vulnerability in PHP (CVE-2022-31628)