Описание
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | php | Not affected | ||
| Red Hat Enterprise Linux 5 | php53 | Not affected | ||
| Red Hat Enterprise Linux 6 | php | Not affected | ||
| Red Hat Enterprise Linux 7 | php | Will not fix | ||
| Red Hat Software Collections | rh-php70-php | Will not fix | ||
| Red Hat Enterprise Linux 8 | php | Fixed | RHSA-2020:1624 | 28.04.2020 |
| Red Hat Enterprise Linux 8 | php | Fixed | RHSA-2020:3662 | 08.09.2020 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-php71-php | Fixed | RHSA-2019:2519 | 19.08.2019 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-php72-php | Fixed | RHSA-2019:3299 | 01.11.2019 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | rh-php71-php | Fixed | RHSA-2019:2519 | 19.08.2019 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.3 ...
Function iconv_mime_decode_headers() in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
Уязвимость функции exif_iif_add_value интерпретатора языка программирования PHP, связанная с чтением данных за допустимыми границами, позволяющая нарушителю получить несанкционированный доступ к информации или вызвать отказ в обслуживании
6.5 Medium
CVSS3