NextGuard
UNKNOWNCVE-2020-7060

global buffer-overflow in mbfl_filt_conv_big5_wchar

Platform

php

Component

php

Fixed in

7.4.2

View on NVD

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

How to fix

Actualice a la última versión de PHP. Si está utilizando PHP 7.2.x, actualice a la versión 7.2.27 o superior. Si está utilizando PHP 7.3.x, actualice a la versión 7.3.14 o superior. Si está utilizando PHP 7.4.x, actualice a la versión 7.4.2 o superior.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free