rpm package
opensuse/tidy&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/tidy&distro=openSUSE%20Leap%2015.1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-7066 | — | < 5.4.0-lp151.3.3.1 | 5.4.0-lp151.3.3.1 | Apr 1, 2020 | In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the | ||
| CVE-2020-7064 | — | < 5.4.0-lp151.3.3.1 | 5.4.0-lp151.3.3.1 | Apr 1, 2020 | In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or c |
- CVE-2020-7066Apr 1, 2020affected < 5.4.0-lp151.3.3.1fixed 5.4.0-lp151.3.3.1
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the
- CVE-2020-7064Apr 1, 2020affected < 5.4.0-lp151.3.3.1fixed 5.4.0-lp151.3.3.1
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or c