CVE-2020-7066

Note

PEAR issues should go against php-pear as of xenial
php5 in precise is 5.3 and does not support the Zend API
needed to fix this issue. Since backport this is to
intrusive, marking it as ignored for precise/esm.

Package	Release	Status
php7.0 Launchpad, Ubuntu, Debian	upstream	Needs triage
	xenial	Released (7.0.33-0ubuntu0.16.04.14)
	bionic	Does not exist
	eoan	Does not exist
	focal	Does not exist
	trusty	Does not exist
php7.3 Launchpad, Ubuntu, Debian	xenial	Does not exist
	bionic	Does not exist
	eoan	Released (7.3.11-0ubuntu0.19.10.4)
	focal	Does not exist
	trusty	Does not exist
	upstream	Needs triage
php7.4 Launchpad, Ubuntu, Debian	bionic	Does not exist
	eoan	Does not exist
	focal	Released (7.4.3-4ubuntu1.1)
	trusty	Does not exist
	upstream	Released (7.4.4)
	xenial	Does not exist
php5 Launchpad, Ubuntu, Debian	bionic	Does not exist
	eoan	Does not exist
	focal	Does not exist
	trusty	Released (5.5.9+dfsg-1ubuntu4.29+esm11) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	upstream	Needs triage
	xenial	Does not exist
	Patches: upstream: https://github.com/microsoft/php-src/commit/c3582855b88cfde8e69734da738803b54c2c2e26
php7.2 Launchpad, Ubuntu, Debian	bionic	Released (7.2.24-0ubuntu0.18.04.4)
	eoan	Does not exist
	focal	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist

Parameter	Value
Base score	4.3
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	Required
Scope	Unchanged
Confidentiality	Low
Integrity impact	None
Availability impact	None
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Security

CVE-2020-7066

Notes

Priority

Cvss 3 Severity Score

Status

Severity score breakdown

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading