VYPR

rpm package

suse/tidy&distro=SUSE Linux Enterprise Module for Development Tools 15 SP1

pkg:rpm/suse/tidy&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1

Vulnerabilities (2)

  • CVE-2020-7066Apr 1, 2020
    affected < 5.4.0-3.2.1fixed 5.4.0-3.2.1

    In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the

  • CVE-2020-7064Apr 1, 2020
    affected < 5.4.0-3.2.1fixed 5.4.0-3.2.1

    In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or c