When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: php

Published: 2020-02-10T07:45:14.320387Z

Updated: 2024-09-17T03:33:06.766Z

Reserved: 2020-01-15T00:00:00

Link: CVE-2020-7060

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-10T08:15:12.797

Modified: 2024-11-21T05:36:35.360

Link: CVE-2020-7060

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-01-23T00:00:00Z

Links: CVE-2020-7060 - Bugzilla