NextGuard
UNKNOWNCVE-2020-7061

heap-buffer-overflow in phar_extract_file

Platform

php

Component

php

Fixed in

7.4.3

View on NVD

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.

How to fix

Actualice a PHP versión 7.3.15 o superior, o a la versión 7.4.3 o superior. Esto solucionará la vulnerabilidad de desbordamiento de búfer en la extensión PHAR al extraer archivos en Windows.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free