NextGuard
UNKNOWNCVE-2020-7059

OOB read in php_strip_tags_ex

Platform

php

Component

php

Fixed in

7.4.2

View on NVD

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

How to fix

Actualice a la última versión de PHP. Si está utilizando las versiones 7.2.x, actualice a la versión 7.2.27 o superior. Si está utilizando las versiones 7.3.x, actualice a la versión 7.3.14 o superior. Si está utilizando las versiones 7.4.x, actualice a la versión 7.4.2 o superior.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2020-7059 — Vulnerability Details | NextGuard | NextGuard