When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2020-02-10T07:45:14.320387Z
Updated: 2024-09-17T03:33:06.766Z
Reserved: 2020-01-15T00:00:00
Link: CVE-2020-7060
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-02-10T08:15:12.797
Modified: 2024-11-21T05:36:35.360
Link: CVE-2020-7060
Redhat