When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: php
Published: 2020-01-21T00:00:00
Updated: 2021-07-22T17:07:28
Reserved: 2020-01-15T00:00:00
Link: CVE-2020-7059
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-10T08:15:12.673
Modified: 2022-07-01T12:42:02.707
Link: CVE-2020-7059
JSON object: View
Redhat Information
No data.
CWE