CVE-2020-7061
heap-buffer-overflow in phar_extract_file
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using the phar extension, certain content inside a PHAR file could lead to a one-byte read past the allocated buffer. This could potentially lead to information disclosure or a crash.
We have discovered 398,049 live websites that are affected by CVE-2020-7061.
Affected Software
| | |
|---|---|
| Product | PHP |
| Category | Programming Languages |
| Vulnerable Versions | from 7.3 before 7.3.15; from 7.4 before 7.4.3 |
| Total Vulnerable Versions | 507 |
| Vulnerable Domains | 398,049 live websites (3.29% of PHP install base) |
Common Weakness Enumeration
CWE-125 Out-of-bounds Read
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2020-7061 and the relative popularity of websites