DEBIAN-CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mbstrtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...

PT-2020-2040 · Php +7 · Php +7

Name of the Vulnerable Software and Affected Versions: PHP versions 7.3.x below 7.3.16 PHP versions 7.4.x below 7.4.4 Description: The issue is related to the use of the mb strtolower function with UTF-32LE encoding in PHP. Certain invalid strings could cause PHP to overwrite the stack-allocated...