OPENSUSE-SU-2020:0341-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 15 Mar 2020, 05:15
Last modified:04 Feb 2026, 03:05
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
15 Mar 2020, 05:15
Published
Vulnerability first disclosed
04 Feb 2026, 03:05
Last Modified
Vulnerability information updated
Description
Security update for php7 This update for php7 fixes the following issues: - CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•php7-test&distro=openSUSE Leap 15.1
< 7.2.5-lp151.6.22.1
- opensuse•php7&distro=openSUSE Leap 15.1
< 7.2.5-lp151.6.22.1
References (9)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DYGQUQU4K7P2FQVP7DXL3O47ATEEDZED/
- https://bugzilla.suse.com/1162629
- https://bugzilla.suse.com/1162632
- https://bugzilla.suse.com/1165280
- https://bugzilla.suse.com/1165289
- https://www.suse.com/security/cve/CVE-2020-7059
- https://www.suse.com/security/cve/CVE-2020-7060
- https://www.suse.com/security/cve/CVE-2020-7062
- https://www.suse.com/security/cve/CVE-2020-7063