Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2020-7059
Description:When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
Test IDs: 1.3.6.1.4.1.25623.1.1.4.2020.14289.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-7059
Bugtraq: 20200218 [SECURITY] [DSA 4626-1] php7.3 security update (Google Search)
https://seclists.org/bugtraq/2020/Feb/27
Bugtraq: 20200219 [SECURITY] [DSA 4628-1] php7.0 security update (Google Search)
https://seclists.org/bugtraq/2020/Feb/31
Bugtraq: 20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update (Google Search)
https://seclists.org/bugtraq/2021/Jan/3
https://security.netapp.com/advisory/ntap-20200221-0002/
Debian Security Information: DSA-4626 (Google Search)
https://www.debian.org/security/2020/dsa-4626
Debian Security Information: DSA-4628 (Google Search)
https://www.debian.org/security/2020/dsa-4628
https://security.gentoo.org/glsa/202003-57
https://bugs.php.net/bug.php?id=79099
https://bugs.php.net/bug.php?id=79099
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html
SuSE Security Announcement: openSUSE-SU-2020:0341 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html
https://usn.ubuntu.com/4279-1/




© 1998-2024 E-Soft Inc. All rights reserved.