github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/bitnami/testdata/sad/bitnami-vulndb/data/php/BIT-2020-7059.json (about) 1 { 2 "schema_version": "1.5.0", 3 "id": "BIT-2020-7059", 4 "details": "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.", 5 "aliases": [ 6 "CVE-2020-7059" 7 ] 8 "affected": [ 9 { 10 "package": { 11 "ecosystem": "bitnami", 12 "name": "php", 13 "purl": "pkg:bitnami/php" 14 }, 15 "severity": [ 16 { 17 "type": "CVSS_V3", 18 "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" 19 } 20 ], 21 "ranges": [ 22 { 23 "type": "SEMVER", 24 "events": [ 25 { 26 "introduced": "7.2.0" 27 }, 28 { 29 "fixed": "7.2.27" 30 } 31 ] 32 }, 33 { 34 "type": "SEMVER", 35 "events": [ 36 { 37 "introduced": "7.3.0" 38 }, 39 { 40 "fixed": "7.3.14" 41 } 42 ] 43 }, 44 { 45 "type": "SEMVER", 46 "events": [ 47 { 48 "introduced": "7.4.0" 49 }, 50 { 51 "fixed": "7.4.2" 52 } 53 ] 54 } 55 ] 56 } 57 ], 58 "database_specific": { 59 "severity": "Critical", 60 "cpes": [ 61 "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" 62 ] 63 }, 64 "references": [ 65 { 66 "type": "WEB", 67 "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html" 68 }, 69 { 70 "type": "WEB", 71 "url": "https://bugs.php.net/bug.php?id=79099" 72 }, 73 { 74 "type": "WEB", 75 "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html" 76 }, 77 { 78 "type": "WEB", 79 "url": "https://seclists.org/bugtraq/2020/Feb/27" 80 }, 81 { 82 "type": "WEB", 83 "url": "https://seclists.org/bugtraq/2020/Feb/31" 84 }, 85 { 86 "type": "WEB", 87 "url": "https://seclists.org/bugtraq/2021/Jan/3" 88 }, 89 { 90 "type": "WEB", 91 "url": "https://security.gentoo.org/glsa/202003-57" 92 }, 93 { 94 "type": "WEB", 95 "url": "https://security.netapp.com/advisory/ntap-20200221-0002/" 96 }, 97 { 98 "type": "WEB", 99 "url": "https://usn.ubuntu.com/4279-1/" 100 }, 101 { 102 "type": "WEB", 103 "url": "https://www.debian.org/security/2020/dsa-4626" 104 }, 105 { 106 "type": "WEB", 107 "url": "https://www.debian.org/security/2020/dsa-4628" 108 }, 109 { 110 "type": "WEB", 111 "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" 112 }, 113 { 114 "type": "WEB", 115 "url": "https://www.oracle.com/security-alerts/cpujul2020.html" 116 }, 117 { 118 "type": "WEB", 119 "url": "https://www.tenable.com/security/tns-2021-14" 120 } 121 ], 122 "published": "2023-06-12T14:25:39.868Z", 123 "modified": "2023-07-27T06:48:49.626Z" 124 }