Skip to main content
Skip table of contents

Advisory 2023-03/01 Security Issue with PHP 8.1.0

Vulnerability typePotential Denial of Service Attack
Severity factors

This vulnerability has a CVSS score of 7.5 with a high severity rating

Versions affectedFileCloud Versions 22.1 and earlier
Version fixedFileCloud Version 22.1.1 and later


Description

PHP 8.1.0 allowed large files to be uploaded in a great number of parts which caused the system to consume excessive CPU resources. This exposed FileCloud to potential denial of service attacks. See https://nvd.nist.gov/vuln/detail/CVE-2023-0662 for more information.

Fix

These vulnerabilities have been fixed in FileCloud version 22.1.1.20926 which upgrades PHP to version 8.1.17

What you should do to fix this vulnerability

  • If you are using FileCloud Server, it is recommended that you update to the latest version, which is 22.1.1.20926 or greater. This will resolve the issue.
  • If you are using FileCloud Online, your site has already been updated to the latest version.

If you have any questions about this advisory, please contact FileCloud support.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close