Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected Versions
CVE-2020-7067Low

排球体育比分直播 www.834807.live Information Disclosure

out-of-bounds read when using a malformed url-encoded string

2020-04-10

7.2.0 - 7.2.29
7.3.0 - 7.3.16
7.4.0 - 7.4.4
Details:

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17, and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), the urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Recommendations:

Upgrade to PHP 7.2.30 or above, 7.3.17 or above, or 7.4.5 or above.

CVE-2020-7064Moderate

Information Disclosure

information disclosure in exif_read_data() function

2020-04-01

7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
Details:

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16, and 7.4.x below 7.4.4, while parsing EXIF data using the exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

Recommendations:

Upgrade to PHP 7.2.9 or above, 7.3.16 or above, or 7.4.4 or above.

CVE-2020-7065Moderate

Remote Code Execution

by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution

2020-04-01

7.3.0 - 7.3.15
7.4.0 - 7.4.3
Details:

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using the mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite a stack-allocated buffer. This could lead to memory corruption, crashes, and potentially code execution.

Recommendations:

Upgrade to 7.3.16 or above, or 7.4.4 or above.

CVE-2020-7066Low

Remote File Inclusion

information disclosure in function get_headers

2020-04-01

7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
Details:

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with a user-supplied URL, if the URL contains a zero (\u0000) character, the URL will be silently truncated at its first occurence. This may cause some software to make incorrect assumptions about the target of the get_headers(), which could lead to sending information to the wrong server or path on a server.

Recommendations:

Upgrade to 7.2.9 or above, 7.3.16 or above, or 7.4.4 or above.

CVE-2020-7062Moderate

Denial of Service

NULL pointer dereference in PHP session upload progress

2020-02-04

7.2.0 - 7.2.27
7.3.0 - 7.3.14
7.4.0 - 7.4.2
Details:

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15, and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled) and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter a null pointer dereference, which would likely lead to a crash.

Recommendations:

Set the session.upload_progress.cleanup INI value to 1 (enabled).

When possible, upgrade to 7.2.28 or above, 7.3.15 or above, or 7.4.3 or above.

CVE-2020-7061Low

Information Disclosure

heap-based buffer overflow in phar_extract_file

2020-01-26

7.3.0 - 7.3.14
7.4.0 - 7.4.2
Details:

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using the phar extension, certain content inside a PHAR file could lead to reading one-byte past the allocated buffer. This could potentially lead to information disclosure or crash.

Recommendations:

Upgrade to PHP 7.3.15 or higher, or 7.4.3 or higher.

Affected OS:
Windows
Windows
CVE-2020-7059Moderate

Information Disclosure

Out of bounds read in php_strip_tags_ex

2020-01-23

7.2.0 - 7.2.26
7.3.0 - 7.2.13
7.4.0 - 7.4.1
Details:

When using the fgetss() function to read data while stripping HTML tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14, and 7.4.x below 7.4.2, it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

Recommendations:

fgetss() combines the functionality of fgets() with that of strip_tags(), which removes HTML and PHP tags, as well as null bytes. Considering fgetss() is deprecated, you should not be using it. Instead, you should call strip_tags() on each valid return value of fgets():

while (! feof($fh)) {
    $line = fgets($fh);
    $line = strip_tags($line);
    // do something with $line
}

When possible, upgrade to PHP 7.2.27 or higher, 7.3.14 or higher, or 7.4.2 or higher.

CVE-2020-7060Moderate

Information Disclosure

Global buffer-overflow in mbfl_filt_conv_big5_wchar function

2020-01-23

7.2.0 - 7.2.26
7.3.0 - 7.3.13
7.4.0 - 7.4.1
Details:

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14, and 7.4.x below 7.4.2, it is possible to supply data that will cause the underlying C function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

Recommendations:

Upgrade to PHP &.2.27 or higher, 7.3.14 or higher, or 7.4.2 or higher.

CVE-2020-7063Moderate

Privilege Escalation

files added to tar with Phar::buildFromIterator have all-access permissions

2020-01-08

7.2.0 - 7.2.27
7.3.0 - 7.3.14
7.4.0 - 7.4.2
Details:

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15, and 7.4.x below 7.4.3, when creating PHAR archive using the PharData::buildFromIterator() method, files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when the archive is extracted.

Recommendations:

Upgrade to PHP 7.2.28 or above, 7.3.15 or above, or 7.4.3 or above.

CVE-2019-11045Moderate

Privilege Escalation

PHP DirectoryIterator class accepts filenames with embedded null byte and treats them as terminating at that byte

2019-12-22

7.2.0 - 7.2.25
7.3.0 - 7.3.12
7.4.0
Details:

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP's DirectoryIterator class accepts filenames with embedded null bytes (\u0000) and treats them as terminating at that byte. This can lead to security vulnerabilities when applications check paths that the code is allowed to access.

Recommendations:

Filter paths and filenames before providing them to the DirectoryIterator constructor:

preg_replace('/\\0/', "", $var);

When possible, update to PHP 7.2.26 or later, PH 7.3.13 or later, or 7.4.1 or later.

Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected