vulnerability
PHP Vulnerability: CVE-2020-7061
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | Feb 27, 2020 | Apr 6, 2020 | Aug 11, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
Feb 27, 2020
Added
Apr 6, 2020
Modified
Aug 11, 2025
Description
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
Solutions
php-upgrade-7_3_15php-upgrade-7_4_3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.