vulnerability
Centos Linux: CVE-2020-7065: Moderate: php:7.3 security, bug fix, and enhancement update (CESA-2020:3662)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | 04/01/2020 | 09/09/2020 | 05/27/2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
04/01/2020
Added
09/09/2020
Modified
05/27/2021
Description
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
Solution(s)
centos-upgrade-apcu-panelcentos-upgrade-libzipcentos-upgrade-libzip-debuginfocentos-upgrade-libzip-debugsourcecentos-upgrade-libzip-develcentos-upgrade-libzip-toolscentos-upgrade-libzip-tools-debuginfocentos-upgrade-phpcentos-upgrade-php-bcmathcentos-upgrade-php-bcmath-debuginfocentos-upgrade-php-clicentos-upgrade-php-cli-debuginfocentos-upgrade-php-commoncentos-upgrade-php-common-debuginfocentos-upgrade-php-dbacentos-upgrade-php-dba-debuginfocentos-upgrade-php-dbgcentos-upgrade-php-dbg-debuginfocentos-upgrade-php-debuginfocentos-upgrade-php-debugsourcecentos-upgrade-php-develcentos-upgrade-php-embeddedcentos-upgrade-php-embedded-debuginfocentos-upgrade-php-enchantcentos-upgrade-php-enchant-debuginfocentos-upgrade-php-fpmcentos-upgrade-php-fpm-debuginfocentos-upgrade-php-gdcentos-upgrade-php-gd-debuginfocentos-upgrade-php-gmpcentos-upgrade-php-gmp-debuginfocentos-upgrade-php-intlcentos-upgrade-php-intl-debuginfocentos-upgrade-php-jsoncentos-upgrade-php-json-debuginfocentos-upgrade-php-ldapcentos-upgrade-php-ldap-debuginfocentos-upgrade-php-mbstringcentos-upgrade-php-mbstring-debuginfocentos-upgrade-php-mysqlndcentos-upgrade-php-mysqlnd-debuginfocentos-upgrade-php-odbccentos-upgrade-php-odbc-debuginfocentos-upgrade-php-opcachecentos-upgrade-php-opcache-debuginfocentos-upgrade-php-pdocentos-upgrade-php-pdo-debuginfocentos-upgrade-php-pearcentos-upgrade-php-pecl-apcucentos-upgrade-php-pecl-apcu-debuginfocentos-upgrade-php-pecl-apcu-debugsourcecentos-upgrade-php-pecl-apcu-develcentos-upgrade-php-pecl-rrdcentos-upgrade-php-pecl-rrd-debuginfocentos-upgrade-php-pecl-rrd-debugsourcecentos-upgrade-php-pecl-xdebugcentos-upgrade-php-pecl-xdebug-debuginfocentos-upgrade-php-pecl-xdebug-debugsourcecentos-upgrade-php-pecl-zipcentos-upgrade-php-pecl-zip-debuginfocentos-upgrade-php-pecl-zip-debugsourcecentos-upgrade-php-pgsqlcentos-upgrade-php-pgsql-debuginfocentos-upgrade-php-processcentos-upgrade-php-process-debuginfocentos-upgrade-php-recodecentos-upgrade-php-recode-debuginfocentos-upgrade-php-snmpcentos-upgrade-php-snmp-debuginfocentos-upgrade-php-soapcentos-upgrade-php-soap-debuginfocentos-upgrade-php-xmlcentos-upgrade-php-xml-debuginfocentos-upgrade-php-xmlrpccentos-upgrade-php-xmlrpc-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.