PHP PHP : Security vulnerabilities, CVEs memory corruption published in April 2020

CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.

Max CVSS

8.8

EPSS Score

0.50%

Published

2020-04-01

Updated

2021-12-02

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

PHP » PHP : Security Vulnerabilities, CVEs, Published In April 2020 (Memory corruption)

CVE-2020-7065