VDB

DEBIAN-CVE-2020-7068

DEBIAN-CVE-2020-7068 PUBLISHED CVSS 3.5999999046325684 LOW

In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.

Risk Scores

CVSS 3.1
3.5999999046325684
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

Affected Products

VendorProductVersions
Debian:11php7.40, 0, 0

Exploit Intelligence

Timeline

  • Sep 9, 2020 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›