php:8.0/php-mbstring vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the php:8.0/php-mbstring package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Out-of-Bounds	<0:8.0.30-1.module_el8.8.0+3655+3335cff6
H XML External Entity (XXE) Injection	<0:8.0.30-1.module_el8.8.0+3655+3335cff6
H Use of Insufficiently Random Values	<0:8.0.30-1.module_el8.8.0+3655+3335cff6
H Resource Exhaustion	<0:8.0.30-1.module_el8.8.0+3655+3335cff6
H Allocation of Resources Without Limits or Throttling	<0:8.0.30-1.module_el8.8.0+3655+3335cff6
H Use of Password Hash With Insufficient Computational Effort	<0:8.0.30-1.module_el8.8.0+3655+3335cff6
M Release of Invalid Pointer or Reference	<0:8.0.20-2.module_el8.7.0+3286+6cee236e
M Use After Free	<0:8.0.20-2.module_el8.7.0+3286+6cee236e
M Integer Overflow or Wraparound	<0:8.0.27-1.module_el8.7.0+3401+dfb61c00
M CVE-2022-31631	<0:8.0.27-1.module_el8.7.0+3401+dfb61c00
M Out-of-bounds Read	<0:8.0.27-1.module_el8.7.0+3401+dfb61c00
M CVE-2022-31629	<0:8.0.27-1.module_el8.7.0+3401+dfb61c00
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:8.0.27-1.module_el8.7.0+3401+dfb61c00