When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2020-02-10T07:45:13.921535Z
Updated: 2024-09-17T02:37:14.052Z
Reserved: 2020-01-15T00:00:00
Link: CVE-2020-7059
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-02-10T08:15:12.673
Modified: 2024-11-21T05:36:35.167
Link: CVE-2020-7059
Redhat