Medium severity6.5NVD Advisory· Published Feb 27, 2020· Updated Jun 17, 2026
CVE-2020-7061
CVE-2020-7061
Description
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versions
>= 7.2.0, < 7.2.28+ 2 more
- (no CPE)range: >= 7.2.0, < 7.2.28
- (no CPE)range: >= 7.2.0, < 7.2.28
- (no CPE)range: >= 7.2.0, < 7.2.28
Patches
Vulnerability mechanics
References
3- www.tenable.com/security/tns-2021-14nvdPatchThird Party Advisory
- bugs.php.net/bug.phpnvdExploitVendor Advisory
- security.gentoo.org/glsa/202003-57nvdThird Party Advisory
News mentions
0No linked articles in our index yet.