Lucene search

K

PRIOn knowledge basePRION:CVE-2020-7060

HistoryFeb 10, 2020 - 8:15 a.m.

Information disclosure

2020-02-1008:15:00

PRIOn knowledge base

www.prio-n.com

11

AI Score

8.6

Confidence

High

EPSS

0.004

Percentile

73.4%

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

References

lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html

bugs.php.net/bug.php?id=79037

lists.debian.org/debian-lts-announce/2020/02/msg00030.html

seclists.org/bugtraq/2020/Feb/27

seclists.org/bugtraq/2020/Feb/31

seclists.org/bugtraq/2021/Jan/3

security.gentoo.org/glsa/202003-57

security.netapp.com/advisory/ntap-20200221-0002/

usn.ubuntu.com/4279-1/

www.debian.org/security/2020/dsa-4626

www.debian.org/security/2020/dsa-4628

www.oracle.com/security-alerts/cpuApr2021.html

www.oracle.com/security-alerts/cpujul2020.html

www.tenable.com/security/tns-2021-14

AI Score

8.6

Confidence

High

EPSS

0.004

Percentile

73.4%

Related for PRION:CVE-2020-7060

debiancve1 ubuntucve1 nvd1 alpinelinux1 cve1 osv7 redhatcve1 f51 veracode1 cvelist1 nessus38 openvas19 amazon2 mageia1 debian3 fedora2 altlinux3 ibm1 ubuntu2 suse1 gentoo1 redhat2 almalinux1 rocky1 oraclelinux1 oracle2