USN-4330-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 15 Apr 2020, 13:09
Last modified:22 Apr 2026, 10:03

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

15 Apr 2020, 13:09
Published
Vulnerability first disclosed
22 Apr 2026, 10:03
Last Modified
Vulnerability information updated

Description

php5, php7.0, php7.2, php7.3 vulnerabilities It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. (CVE-2020-7062) It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information. (CVE-2020-7063) It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. (CVE-2020-7064) It was discovered that PHP incorrectly handled certain UTF strings. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2020-7065) It was discovered that PHP incorrectly handled certain URLs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7066)

Affected Systems

  • ubuntuphp5

    < 5.5.9+dfsg-1ubuntu4.29+esm11

  • ubuntuphp7.0

    < 7.0.33-0ubuntu0.16.04.14

  • ubuntuphp7.2

    < 7.2.24-0ubuntu0.18.04.4

References (6)