vulnerability
Alma Linux: CVE-2020-7064: Moderate: php:7.3 security, bug fix, and enhancement update (ALSA-2020-3662)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:N/A:P) | Apr 1, 2020 | May 4, 2022 | Mar 31, 2026 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:P)
Published
Apr 1, 2020
Added
May 4, 2022
Modified
Mar 31, 2026
Description
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
Solutions
alma-upgrade-apcu-panelalma-upgrade-libzipalma-upgrade-libzip-develalma-upgrade-libzip-toolsalma-upgrade-phpalma-upgrade-php-bcmathalma-upgrade-php-clialma-upgrade-php-commonalma-upgrade-php-dbaalma-upgrade-php-dbgalma-upgrade-php-develalma-upgrade-php-embeddedalma-upgrade-php-enchantalma-upgrade-php-fpmalma-upgrade-php-gdalma-upgrade-php-gmpalma-upgrade-php-intlalma-upgrade-php-jsonalma-upgrade-php-ldapalma-upgrade-php-mbstringalma-upgrade-php-mysqlndalma-upgrade-php-odbcalma-upgrade-php-opcachealma-upgrade-php-pdoalma-upgrade-php-pearalma-upgrade-php-pecl-apcualma-upgrade-php-pecl-apcu-develalma-upgrade-php-pecl-rrdalma-upgrade-php-pecl-xdebugalma-upgrade-php-pecl-zipalma-upgrade-php-pgsqlalma-upgrade-php-processalma-upgrade-php-recodealma-upgrade-php-snmpalma-upgrade-php-soapalma-upgrade-php-xmlalma-upgrade-php-xmlrpc
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.