cvelistv5 - CVE-2020-7067

CVE-2020-7067 (GCVE-0-2020-7067)

Vulnerability from cvelistv5 – Published: 2020-04-27 20:38 – Updated: 2024-09-17 02:21

Summary

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-125 - Out-of-bounds Read
CWE-196 - Unsigned to Signed Conversion Error

Assigner

php

References

URL

Tags

	https://www.debian.org/security/2020/dsa-4717	vendor-advisoryx_refsource_DEBIAN
	https://www.debian.org/security/2020/dsa-4719	vendor-advisoryx_refsource_DEBIAN
	https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
	https://bugs.php.net/bug.php?id=79465	x_refsource_CONFIRM
	https://security.netapp.com/advisory/ntap-2020050…	x_refsource_CONFIRM
	https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
	https://www.tenable.com/security/tns-2021-14	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	PHP Group	PHP	Affected: 7.2.x below 7.2.30 Affected: 7.3.x below 7.3.17 and 7.4.x below 7.4.5

Credits

bigshaq at wearehackerone dot com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:18:03.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4717",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4717"
          },
          {
            "name": "DSA-4719",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4719"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=79465"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PHP",
          "vendor": "PHP Group",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.x below 7.2.30"
            },
            {
              "status": "affected",
              "version": "7.3.x below 7.3.17 and 7.4.x below 7.4.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "bigshaq at wearehackerone dot com"
        }
      ],
      "datePublic": "2020-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-196",
              "description": "CWE-196 Unsigned to Signed Conversion Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T17:07:31",
        "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
        "shortName": "php"
      },
      "references": [
        {
          "name": "DSA-4717",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4717"
        },
        {
          "name": "DSA-4719",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4719"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=79465"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2021-14"
        }
      ],
      "source": {
        "defect": [
          "https://bugs.php.net/bug.php?id=79465"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "OOB Read in urldecode()",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@php.net",
          "DATE_PUBLIC": "2020-04-14T03:10:00.000Z",
          "ID": "CVE-2020-7067",
          "STATE": "PUBLIC",
          "TITLE": "OOB Read in urldecode()"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PHP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.2.x below 7.2.30"
                          },
                          {
                            "version_value": "7.3.x below 7.3.17 and 7.4.x below 7.4.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PHP Group"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "bigshaq at wearehackerone dot com"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125 Out-of-bounds Read"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-196 Unsigned to Signed Conversion Error"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4717",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4717"
            },
            {
              "name": "DSA-4719",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4719"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=79465",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=79465"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200504-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2021-14",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2021-14"
            }
          ]
        },
        "source": {
          "defect": [
            "https://bugs.php.net/bug.php?id=79465"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
    "assignerShortName": "php",
    "cveId": "CVE-2020-7067",
    "datePublished": "2020-04-27T20:38:39.634265Z",
    "dateReserved": "2020-01-15T00:00:00",
    "dateUpdated": "2024-09-17T02:21:12.549Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.2.0\", \"versionEndExcluding\": \"7.2.30\", \"matchCriteriaId\": \"BCA61CC4-F137-461B-8B8A-3EC3F502BF33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.3.0\", \"versionEndExcluding\": \"7.3.17\", \"matchCriteriaId\": \"461B71F9-8BE5-4E97-807E-03D180AC6122\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.4.0\", \"versionEndExcluding\": \"7.4.5\", \"matchCriteriaId\": \"AE8B571C-CCD8-418D-A29A-D9EBC06CAE2D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.19.0\", \"matchCriteriaId\": \"41DBA7C7-8084-45F6-B59D-13A9022C34DF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0.0\", \"versionEndIncluding\": \"8.4.0.5\", \"matchCriteriaId\": \"12981AA7-BBF6-4158-8F7D-9DD3880FDCC1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.\"}, {\"lang\": \"es\", \"value\": \"En PHP versiones 7.2.x por debajo de 7.2.30, versiones 7.3.x debajo de 7.3.17 y versiones 7.4.x por debajo de 7.4.5, si PHP es compilado con soporte EBCDIC (poco com\\u00fan), la funci\\u00f3n urldecode() puede ser hecha para acceder a ubicaciones m\\u00e1s all\\u00e1 del memoria asignada, debido al uso err\\u00f3neo de n\\u00fameros con signo como \\u00edndices de matriz.\"}]",
      "id": "CVE-2020-7067",
      "lastModified": "2024-11-21T05:36:36.513",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@php.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-04-27T21:15:14.593",
      "references": "[{\"url\": \"https://bugs.php.net/bug.php?id=79465\", \"source\": \"security@php.net\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20200504-0001/\", \"source\": \"security@php.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4717\", \"source\": \"security@php.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4719\", \"source\": \"security@php.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"security@php.net\", \"tags\": [\"Not Applicable\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"source\": \"security@php.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-14\", \"source\": \"security@php.net\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bugs.php.net/bug.php?id=79465\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20200504-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4717\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4719\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@php.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@php.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}, {\"lang\": \"en\", \"value\": \"CWE-196\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-7067\",\"sourceIdentifier\":\"security@php.net\",\"published\":\"2020-04-27T21:15:14.593\",\"lastModified\":\"2024-11-21T05:36:36.513\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.\"},{\"lang\":\"es\",\"value\":\"En PHP versiones 7.2.x por debajo de 7.2.30, versiones 7.3.x debajo de 7.3.17 y versiones 7.4.x por debajo de 7.4.5, si PHP es compilado con soporte EBCDIC (poco com\u00fan), la funci\u00f3n urldecode() puede ser hecha para acceder a ubicaciones m\u00e1s all\u00e1 del memoria asignada, debido al uso err\u00f3neo de n\u00fameros con signo como \u00edndices de matriz.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@php.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@php.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-196\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.30\",\"matchCriteriaId\":\"BCA61CC4-F137-461B-8B8A-3EC3F502BF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0\",\"versionEndExcluding\":\"7.3.17\",\"matchCriteriaId\":\"461B71F9-8BE5-4E97-807E-03D180AC6122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.5\",\"matchCriteriaId\":\"AE8B571C-CCD8-418D-A29A-D9EBC06CAE2D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.19.0\",\"matchCriteriaId\":\"41DBA7C7-8084-45F6-B59D-13A9022C34DF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0\",\"versionEndIncluding\":\"8.4.0.5\",\"matchCriteriaId\":\"12981AA7-BBF6-4158-8F7D-9DD3880FDCC1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://bugs.php.net/bug.php?id=79465\",\"source\":\"security@php.net\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200504-0001/\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4717\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4719\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"security@php.net\",\"tags\":[\"Not Applicable\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-14\",\"source\":\"security@php.net\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.php.net/bug.php?id=79465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200504-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4717\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4719\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

GSD-2020-7067

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-7067

Aliases

CVE-2020-7067

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-7067",
    "description": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.",
    "id": "GSD-2020-7067",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-7067.html",
      "https://www.debian.org/security/2020/dsa-4719",
      "https://www.debian.org/security/2020/dsa-4717",
      "https://advisories.mageia.org/CVE-2020-7067.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2020-7067.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-7067"
      ],
      "details": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.",
      "id": "GSD-2020-7067",
      "modified": "2023-12-13T01:21:52.012156Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@php.net",
        "DATE_PUBLIC": "2020-04-14T03:10:00.000Z",
        "ID": "CVE-2020-7067",
        "STATE": "PUBLIC",
        "TITLE": "OOB Read in urldecode()"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PHP",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "7.2.x below 7.2.30"
                        },
                        {
                          "version_value": "7.3.x below 7.3.17 and 7.4.x below 7.4.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "PHP Group"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "bigshaq at wearehackerone dot com"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-125 Out-of-bounds Read"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-196 Unsigned to Signed Conversion Error"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "DSA-4717",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2020/dsa-4717"
          },
          {
            "name": "DSA-4719",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2020/dsa-4719"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "name": "https://bugs.php.net/bug.php?id=79465",
            "refsource": "CONFIRM",
            "url": "https://bugs.php.net/bug.php?id=79465"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20200504-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "name": "https://www.tenable.com/security/tns-2021-14",
            "refsource": "CONFIRM",
            "url": "https://www.tenable.com/security/tns-2021-14"
          }
        ]
      },
      "source": {
        "defect": [
          "https://bugs.php.net/bug.php?id=79465"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.5",
                "versionStartIncluding": "7.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.3.17",
                "versionStartIncluding": "7.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.2.30",
                "versionStartIncluding": "7.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.19.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.4.0.5",
                "versionStartIncluding": "8.0.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@php.net",
          "ID": "CVE-2020-7067"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.php.net/bug.php?id=79465",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "https://bugs.php.net/bug.php?id=79465"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200504-0001/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
            },
            {
              "name": "DSA-4717",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4717"
            },
            {
              "name": "DSA-4719",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4719"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "tags": [
                "Not Applicable",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2021-14",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.tenable.com/security/tns-2021-14"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-05-16T19:57Z",
      "publishedDate": "2020-04-27T21:15Z"
    }
  }
}

FKIE_CVE-2020-7067

Vulnerability from fkie_nvd - Published: 2020-04-27 21:15 - Updated: 2024-11-21 05:36

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security@php.net	https://bugs.php.net/bug.php?id=79465	Exploit, Vendor Advisory
security@php.net	https://security.netapp.com/advisory/ntap-20200504-0001/	Third Party Advisory
security@php.net	https://www.debian.org/security/2020/dsa-4717	Third Party Advisory
security@php.net	https://www.debian.org/security/2020/dsa-4719	Third Party Advisory
security@php.net	https://www.oracle.com/security-alerts/cpuApr2021.html	Not Applicable, Third Party Advisory
security@php.net	https://www.oracle.com/security-alerts/cpuoct2020.html	Third Party Advisory
security@php.net	https://www.tenable.com/security/tns-2021-14	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugs.php.net/bug.php?id=79465	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20200504-0001/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2020/dsa-4717	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2020/dsa-4719	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuApr2021.html	Not Applicable, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2020.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/tns-2021-14	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
php	php	*
php	php	*
php	php	*
tenable	tenable.sc	*
oracle	communications_diameter_signaling_router	*
debian	debian_linux	9.0
debian	debian_linux	10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCA61CC4-F137-461B-8B8A-3EC3F502BF33",
              "versionEndExcluding": "7.2.30",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "461B71F9-8BE5-4E97-807E-03D180AC6122",
              "versionEndExcluding": "7.3.17",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE8B571C-CCD8-418D-A29A-D9EBC06CAE2D",
              "versionEndExcluding": "7.4.5",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF",
              "versionEndExcluding": "5.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12981AA7-BBF6-4158-8F7D-9DD3880FDCC1",
              "versionEndIncluding": "8.4.0.5",
              "versionStartIncluding": "8.0.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes."
    },
    {
      "lang": "es",
      "value": "En PHP versiones 7.2.x por debajo de 7.2.30, versiones 7.3.x debajo de 7.3.17 y versiones 7.4.x por debajo de 7.4.5, si PHP es compilado con soporte EBCDIC (poco com\u00fan), la funci\u00f3n urldecode() puede ser hecha para acceder a ubicaciones m\u00e1s all\u00e1 del memoria asignada, debido al uso err\u00f3neo de n\u00fameros con signo como \u00edndices de matriz."
    }
  ],
  "id": "CVE-2020-7067",
  "lastModified": "2024-11-21T05:36:36.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security@php.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-04-27T21:15:14.593",
  "references": [
    {
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=79465"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4717"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4719"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Not Applicable",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=79465"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4719"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-14"
    }
  ],
  "sourceIdentifier": "security@php.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-196"
        }
      ],
      "source": "security@php.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2021-AVI-571

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	N/A	Tenable.sc versions antérieures à 5.19.0

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2021-14 du 22 juillet 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.19.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-14042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
    },
    {
      "name": "CVE-2020-7060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7060"
    },
    {
      "name": "CVE-2019-11048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11048"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2018-14040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2019-11041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11041"
    },
    {
      "name": "CVE-2020-7071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7071"
    },
    {
      "name": "CVE-2019-11045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11045"
    },
    {
      "name": "CVE-2021-21704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21704"
    },
    {
      "name": "CVE-2020-7070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7070"
    },
    {
      "name": "CVE-2020-7069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7069"
    },
    {
      "name": "CVE-2019-11046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11046"
    },
    {
      "name": "CVE-2020-7063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7063"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2018-20676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
    },
    {
      "name": "CVE-2021-21705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21705"
    },
    {
      "name": "CVE-2019-19919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
    },
    {
      "name": "CVE-2021-23358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2020-7068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7068"
    },
    {
      "name": "CVE-2018-20677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
    },
    {
      "name": "CVE-2019-11044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11044"
    },
    {
      "name": "CVE-2020-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7064"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2017-5661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5661"
    },
    {
      "name": "CVE-2019-11047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11047"
    },
    {
      "name": "CVE-2020-7067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7067"
    },
    {
      "name": "CVE-2020-7062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7062"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    },
    {
      "name": "CVE-2020-7065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7065"
    },
    {
      "name": "CVE-2019-11050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11050"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2020-7066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7066"
    },
    {
      "name": "CVE-2016-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2020-7061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7061"
    },
    {
      "name": "CVE-2020-7059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7059"
    },
    {
      "name": "CVE-2019-11042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11042"
    },
    {
      "name": "CVE-2019-11049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11049"
    },
    {
      "name": "CVE-2021-21702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21702"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2019-8331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-571",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-07-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2021-14 du 22 juillet 2021",
      "url": "https://www.tenable.com/security/tns-2021-14"
    }
  ]
}

CERTFR-2020-AVI-228

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans PHP. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
PHP	PHP	PHP versions 7.3.x antérieures à 7.3.17
PHP	PHP	PHP versions 7.2.x antérieures à 7.2.30
PHP	PHP	PHP versions 7.4.x antérieures à 7.4.5

References

Title

Publication Time

Tags

Bulletin de sécurité PHP 7.4.5	2020-04-16	vendor-advisory
Bulletin de sécurité PHP 7.3.17	2020-04-16	vendor-advisory
Bulletin de sécurité PHP 7.2.30	2020-04-16	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PHP versions 7.3.x ant\u00e9rieures \u00e0 7.3.17",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.2.x ant\u00e9rieures \u00e0 7.2.30",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7067"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-228",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-04-16T00:00:00.000000"
    },
    {
      "description": "Ajout du bulletin de s\u00e9curit\u00e9 PHP 7.2.30 du 16 avril 2020",
      "revision_date": "2020-04-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans PHP. Elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
  "vendor_advisories": [
    {
      "published_at": "2020-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.4.5",
      "url": "https://www.php.net/ChangeLog-7.php#7.4.5"
    },
    {
      "published_at": "2020-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.3.17",
      "url": "https://www.php.net/ChangeLog-7.php#7.3.17"
    },
    {
      "published_at": "2020-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.2.30",
      "url": "https://www.php.net/ChangeLog-7.php#7.2.30"
    }
  ]
}

CERTFR-2021-AVI-571

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	N/A	Tenable.sc versions antérieures à 5.19.0

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2021-14 du 22 juillet 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.19.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-14042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
    },
    {
      "name": "CVE-2020-7060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7060"
    },
    {
      "name": "CVE-2019-11048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11048"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2018-14040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2019-11041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11041"
    },
    {
      "name": "CVE-2020-7071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7071"
    },
    {
      "name": "CVE-2019-11045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11045"
    },
    {
      "name": "CVE-2021-21704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21704"
    },
    {
      "name": "CVE-2020-7070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7070"
    },
    {
      "name": "CVE-2020-7069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7069"
    },
    {
      "name": "CVE-2019-11046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11046"
    },
    {
      "name": "CVE-2020-7063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7063"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2018-20676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
    },
    {
      "name": "CVE-2021-21705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21705"
    },
    {
      "name": "CVE-2019-19919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
    },
    {
      "name": "CVE-2021-23358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2020-7068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7068"
    },
    {
      "name": "CVE-2018-20677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
    },
    {
      "name": "CVE-2019-11044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11044"
    },
    {
      "name": "CVE-2020-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7064"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2017-5661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5661"
    },
    {
      "name": "CVE-2019-11047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11047"
    },
    {
      "name": "CVE-2020-7067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7067"
    },
    {
      "name": "CVE-2020-7062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7062"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    },
    {
      "name": "CVE-2020-7065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7065"
    },
    {
      "name": "CVE-2019-11050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11050"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2020-7066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7066"
    },
    {
      "name": "CVE-2016-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2020-7061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7061"
    },
    {
      "name": "CVE-2020-7059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7059"
    },
    {
      "name": "CVE-2019-11042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11042"
    },
    {
      "name": "CVE-2019-11049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11049"
    },
    {
      "name": "CVE-2021-21702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21702"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2019-8331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-571",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-07-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2021-14 du 22 juillet 2021",
      "url": "https://www.tenable.com/security/tns-2021-14"
    }
  ]
}

CERTFR-2020-AVI-228

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans PHP. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
PHP	PHP	PHP versions 7.3.x antérieures à 7.3.17
PHP	PHP	PHP versions 7.2.x antérieures à 7.2.30
PHP	PHP	PHP versions 7.4.x antérieures à 7.4.5

References

Title

Publication Time

Tags

Bulletin de sécurité PHP 7.4.5	2020-04-16	vendor-advisory
Bulletin de sécurité PHP 7.3.17	2020-04-16	vendor-advisory
Bulletin de sécurité PHP 7.2.30	2020-04-16	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PHP versions 7.3.x ant\u00e9rieures \u00e0 7.3.17",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.2.x ant\u00e9rieures \u00e0 7.2.30",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7067"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-228",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-04-16T00:00:00.000000"
    },
    {
      "description": "Ajout du bulletin de s\u00e9curit\u00e9 PHP 7.2.30 du 16 avril 2020",
      "revision_date": "2020-04-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans PHP. Elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
  "vendor_advisories": [
    {
      "published_at": "2020-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.4.5",
      "url": "https://www.php.net/ChangeLog-7.php#7.4.5"
    },
    {
      "published_at": "2020-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.3.17",
      "url": "https://www.php.net/ChangeLog-7.php#7.3.17"
    },
    {
      "published_at": "2020-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.2.30",
      "url": "https://www.php.net/ChangeLog-7.php#7.2.30"
    }
  ]
}

VAR-202004-2062

Vulnerability from variot - Updated: 2023-12-18 10:44

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. PHP Exists in an out-of-bounds read vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in the 'urldecode()' function in PHP 7.2.x prior to 7.2.30, 7.3.x prior to 7.3.17, and 7.4.x prior to 7.4.5. An attacker could exploit this vulnerability to obtain sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

Debian Security Advisory DSA-4719-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 06, 2020 https://www.debian.org/security/faq

Package : php7.3 CVE ID : CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 CVE-2020-7067

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code.

For the stable distribution (buster), these problems have been fixed in version 7.3.19-1~deb10u1.

We recommend that you upgrade your php7.3 packages.

For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl8DlcBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TPrg/+O/2SmuM/9AdyHAnRu7SJ0dlkEkF+FIR8SI2O7orDVLMYuNMdzN6oW9e4 oe+hhFE2iIOcl5lskxXLcnmd30izBxJXq+xJ000k6O0AfRZgVul+OTl5zDUJRKod Y1BuoVt2wUw0BT8V2FjYfu8XTGvDVqQVxc/GuZFExI6OkNcj0WFgdMP0wGu1VRxw FExRyZVHlATSVdH04gMI9BK1B4BVNZh05Qwb8bDD5sO16eamXIR6peuES1OJ4jUn YOfUMP2UgVLBywvHe+5VuXIW2AFj02Aw3Zl9Dgw2QTdylJs+ttf30NKWZP44/VFK wuyZa4y7tq2H31w9LBIvWIogYWe6CZYQeCvpVgSkLQwptRXqFSRC9OPTSKCKqnhN x8DXvLj6MzSO3jokZOLxxO473RGnV+WE1jgZ6LWK5LY8h5HjH5xPkef9v4UBpDQ/ UlEtEwMwceZK2jh3aI3yPoWQ2LIXASBe4+u1bG7Iln31MpTWJ/AdZ0sxWgGX1VqT JevU0IqRdKTX5kY8dE6mlje5G15AG1dNFigeWLHMZ1rJ/VSb2kiM4vrqL1lNBZwe jvsbpnyII4OeL/Zc7fEBnnKtzdDdu6PSv8aI1gSnFQCflMx8/nUbbWxu4J4HxGcW EZg1p2IaCW0hVTMhCwFTDH2EgseAS23XwloXp0i49FM23eJwuMM= =CeOY -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202004-2062",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "communications diameter signaling router",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "php",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.2.30"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "php",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.2.0"
      },
      {
        "model": "php",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.3.17"
      },
      {
        "model": "php",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.4.0"
      },
      {
        "model": "tenable.sc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "tenable",
        "version": "5.19.0"
      },
      {
        "model": "communications diameter signaling router",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.4.0.5"
      },
      {
        "model": "php",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.4.5"
      },
      {
        "model": "php",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "php",
        "version": "7.3.0"
      },
      {
        "model": "php",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "the php group",
        "version": "7.2.30 \u306e 7.2.x"
      },
      {
        "model": "php",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "the php group",
        "version": "7.3.17 \u306e 7.3.x"
      },
      {
        "model": "php",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "the php group",
        "version": "7.4.5 \u306e 7.4.x"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.5",
                "versionStartIncluding": "7.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.3.17",
                "versionStartIncluding": "7.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.2.30",
                "versionStartIncluding": "7.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.19.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.4.0.5",
                "versionStartIncluding": "8.0.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Debian",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168864"
      },
      {
        "db": "PACKETSTORM",
        "id": "168881"
      }
    ],
    "trust": 0.2
  },
  "cve": "CVE-2020-7067",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-004899",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-185192",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2020-7067",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-004899",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-7067",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "security@php.net",
            "id": "CVE-2020-7067",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-004899",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202004-1407",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-185192",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-7067",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. PHP Exists in an out-of-bounds read vulnerability.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in the \u0027urldecode()\u0027 function in PHP 7.2.x prior to 7.2.30, 7.3.x prior to 7.3.17, and 7.4.x prior to 7.4.5. An attacker could exploit this vulnerability to obtain sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4719-1                   security@debian.org\nhttps://www.debian.org/security/                     Salvatore Bonaccorso\nJuly 06, 2020                         https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : php7.3\nCVE ID         : CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064\n                 CVE-2020-7065 CVE-2020-7066 CVE-2020-7067\n\nMultiple security issues were found in PHP, a widely-used open source\ngeneral purpose scripting language which could result in information\ndisclosure, denial of service or potentially the execution of arbitrary\ncode. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.19-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. \n\nFor the detailed security status of php7.3 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/php7.3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl8DlcBfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TPrg/+O/2SmuM/9AdyHAnRu7SJ0dlkEkF+FIR8SI2O7orDVLMYuNMdzN6oW9e4\noe+hhFE2iIOcl5lskxXLcnmd30izBxJXq+xJ000k6O0AfRZgVul+OTl5zDUJRKod\nY1BuoVt2wUw0BT8V2FjYfu8XTGvDVqQVxc/GuZFExI6OkNcj0WFgdMP0wGu1VRxw\nFExRyZVHlATSVdH04gMI9BK1B4BVNZh05Qwb8bDD5sO16eamXIR6peuES1OJ4jUn\nYOfUMP2UgVLBywvHe+5VuXIW2AFj02Aw3Zl9Dgw2QTdylJs+ttf30NKWZP44/VFK\nwuyZa4y7tq2H31w9LBIvWIogYWe6CZYQeCvpVgSkLQwptRXqFSRC9OPTSKCKqnhN\nx8DXvLj6MzSO3jokZOLxxO473RGnV+WE1jgZ6LWK5LY8h5HjH5xPkef9v4UBpDQ/\nUlEtEwMwceZK2jh3aI3yPoWQ2LIXASBe4+u1bG7Iln31MpTWJ/AdZ0sxWgGX1VqT\nJevU0IqRdKTX5kY8dE6mlje5G15AG1dNFigeWLHMZ1rJ/VSb2kiM4vrqL1lNBZwe\njvsbpnyII4OeL/Zc7fEBnnKtzdDdu6PSv8aI1gSnFQCflMx8/nUbbWxu4J4HxGcW\nEZg1p2IaCW0hVTMhCwFTDH2EgseAS23XwloXp0i49FM23eJwuMM=\n=CeOY\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "db": "PACKETSTORM",
        "id": "168864"
      },
      {
        "db": "PACKETSTORM",
        "id": "168881"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-7067",
        "trust": 2.8
      },
      {
        "db": "TENABLE",
        "id": "TNS-2021-14",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.1446",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4296",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2307",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2515",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2296",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021072292",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-185192",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7067",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168864",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168881",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "PACKETSTORM",
        "id": "168864"
      },
      {
        "db": "PACKETSTORM",
        "id": "168881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "id": "VAR-202004-2062",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:44:04.210000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Sec Bug #79465",
        "trust": 0.8,
        "url": "https://bugs.php.net/bug.php?id=79465"
      },
      {
        "title": "PHP Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116907"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2020-1367",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2020-1367"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2020-1368",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2020-1368"
      },
      {
        "title": "Debian Security Advisories: DSA-4717-1 php7.0 -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a27709c513fb18e7ddf6a588532d9735"
      },
      {
        "title": "Debian Security Advisories: DSA-4719-1 php7.3 -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=cf2756dc65762c0fef76f47a73a2324a"
      },
      {
        "title": "Tenable Security Advisories: [R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2021-14"
      },
      {
        "title": "php7-internals",
        "trust": 0.1,
        "url": "https://github.com/0xbigshaq/php7-internals "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.tenable.com/security/tns-2021-14"
      },
      {
        "trust": 1.8,
        "url": "https://bugs.php.net/bug.php?id=79465"
      },
      {
        "trust": 1.8,
        "url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
      },
      {
        "trust": 1.8,
        "url": "https://www.debian.org/security/2020/dsa-4717"
      },
      {
        "trust": 1.8,
        "url": "https://www.debian.org/security/2020/dsa-4719"
      },
      {
        "trust": 1.8,
        "url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
      },
      {
        "trust": 1.8,
        "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
      },
      {
        "trust": 1.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7067"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7067"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.1446/"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v5-is-vulnerable-to-sensitive-information-leak-php-cve-2020-7067/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021072292"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-32047"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2307/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2515"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2296/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4296/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7064"
      },
      {
        "trust": 0.2,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7066"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7062"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11048"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7063"
      },
      {
        "trust": 0.2,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/0xbigshaq/php7-internals"
      },
      {
        "trust": 0.1,
        "url": "https://alas.aws.amazon.com/alas-2020-1367.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7065"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/php7.3"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/php7.0"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "PACKETSTORM",
        "id": "168864"
      },
      {
        "db": "PACKETSTORM",
        "id": "168881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "db": "PACKETSTORM",
        "id": "168864"
      },
      {
        "db": "PACKETSTORM",
        "id": "168881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-04-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "date": "2020-04-27T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "date": "2020-06-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "date": "2020-07-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "168864"
      },
      {
        "date": "2020-07-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "168881"
      },
      {
        "date": "2020-04-27T21:15:14.593000",
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "date": "2020-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185192"
      },
      {
        "date": "2022-05-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-7067"
      },
      {
        "date": "2020-06-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      },
      {
        "date": "2022-05-16T19:57:47.077000",
        "db": "NVD",
        "id": "CVE-2020-7067"
      },
      {
        "date": "2022-05-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "PHP Out-of-bounds read vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-004899"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202004-1407"
      }
    ],
    "trust": 0.6
  }
}

GHSA-8HQM-3R2C-QG9C

Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2022-05-24 17:16

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-7067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-27T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.",
  "id": "GHSA-8hqm-3r2c-qg9c",
  "modified": "2022-05-24T17:16:37Z",
  "published": "2022-05-24T17:16:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7067"
    },
    {
      "type": "WEB",
      "url": "https://bugs.php.net/bug.php?id=79465"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200504-0001"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4717"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4719"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2021-14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-7067 (GCVE-0-2020-7067)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature