When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: php
Published: 2020-01-21T00:00:00
Updated: 2021-07-22T17:07:23
Reserved: 2020-01-15T00:00:00
Link: CVE-2020-7060
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-10T08:15:12.797
Modified: 2022-07-01T12:33:19.773
Link: CVE-2020-7060
JSON object: View
Redhat Information
No data.
CWE