VDB
GCVE-110-MAGEIA-2020-119
GCVE-110-MAGEIA-2020-119
Advisory Published
Updated php packages fix bugs and security vulnerabilities:
Core:
- Fixed bug #71876 (Memory corruption htmlspecialchars(): charset `*'
not supported).
- Fixed bug #79146 (cscript can fail to run on some systems).
- Fixed bug #78323 (Code 0 is returned on invalid options).
- Fixed bug #76047 (Use-after-free when accessing already destructed
backtrace arguments).
CURL:
- Fixed bug #79078 (Hypothetical use-after-free in curl_multi_add_handle()).
Intl:
- Fixed bug #79212 (NumberFormatter::format() may detect wrong type).
Libxml:
- Fixed bug #79191 (Error in SoapClient ctor disables DOMDocument::save()).
MBString:
- Fixed bug #79154 (mb_convert_encoding() can modify $from_encoding).
MySQLnd:
- Fixed bug #79084 (mysqlnd may fetch wrong column indexes with MYSQLI_BOTH).
OpenSSL:
- Fixed bug #79145 (openssl memory leak).
Phar:
- Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
all-access permissions). (CVE-2020-7063)
- Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
(CVE-2020-7061)
- Fixed bug #76584 (PharFileInfo::decompress not working).
Reflection:
- Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
__destruct).
Session:
- Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload
Progress). (CVE-2020-7062)
SPL:
- Fixed bug #79151 (heap use after free caused by
spl_dllist_it_helper_move_forward).
Standard:
- Fixed bug #78902 (Memory leak when using stream_filter_append).
XSL:
- Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | wireless-regdb | 0 (affected), 20200429-1.mga7 (unaffected) | — |
| Mageia | php | 0 (affected), 7.3.15-1.mga7 (unaffected), 7.3.15-1.mga7 (unaffected), 0 (affected) | — |
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.