CVE-2020-7066

Note

PEAR issues should go against php-pear as of xenial
php5 in precise is 5.3 and does not support the Zend API
needed to fix this issue. Since backport this is to
intrusive, marking it as ignored for precise/esm.

Package	Release	Status
php5 Launchpad, Ubuntu, Debian	bionic	Does not exist
	eoan	Does not exist
	focal	Does not exist
	trusty	Released (5.5.9+dfsg-1ubuntu4.29+esm11)
	upstream	Needs triage
	xenial	Does not exist
	Patches: upstream: https://github.com/microsoft/php-src/commit/c3582855b88cfde8e69734da738803b54c2c2e26
php7.0 Launchpad, Ubuntu, Debian	bionic	Does not exist
	eoan	Does not exist
	focal	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Released (7.0.33-0ubuntu0.16.04.14)
php7.2 Launchpad, Ubuntu, Debian	bionic	Released (7.2.24-0ubuntu0.18.04.4)
	eoan	Does not exist
	focal	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
php7.3 Launchpad, Ubuntu, Debian	bionic	Does not exist
	eoan	Released (7.3.11-0ubuntu0.19.10.4)
	focal	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
php7.4 Launchpad, Ubuntu, Debian	bionic	Does not exist
	eoan	Does not exist
	focal	Released (7.4.3-4ubuntu1.1)
	trusty	Does not exist
	upstream	Released (7.4.4)
	xenial	Does not exist

Parameter	Value
Base score	4.3
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	Required
Scope	Unchanged
Confidentiality	Low
Integrity impact	None
Availability impact	None
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Security

CVE-2020-7066

Notes

Priority

Cvss 3 Severity Score

Status

Severity score breakdown

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading