Security Advisory

CVE-2020-7068

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-09 17:58:42

Last updated 2024-09-17 00:36:03

Assigner php

State PUBLISHED

Description

In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.

← Browse all CVEs View on cve.org ↗