Lucene search

K
cvelistMitreCVELIST:CVE-2014-2020
HistoryFeb 18, 2014 - 11:00 a.m.

CVE-2014-2020

2014-02-1811:00:00
mitre
www.cve.org

9.1 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%

ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.

9.1 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%