{"api_version":"1","generated_at":"2026-04-23T03:25:30+00:00","cve":"CVE-2020-7059","urls":{"html":"https://cve.report/CVE-2020-7059","api":"https://cve.report/api/cve/CVE-2020-7059.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-7059","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-7059"},"summary":{"title":"CVE-2020-7059","description":"When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.","state":"PUBLIC","assigner":"security@php.net","published_at":"2020-02-10 08:15:00","updated_at":"2022-07-01 12:42:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://bugs.php.net/bug.php?id=79099","name":"https://bugs.php.net/bug.php?id=79099","refsource":"MISC","tags":["Exploit","Vendor Advisory"],"title":"PHP :: Sec Bug #79099 :: OOB read in php_strip_tags_ex","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html","name":"[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2124-1] php5 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2020/Feb/27","name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: [SECURITY] [DSA 4626-1] php7.3 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpujul2020.html","name":"https://www.oracle.com/security-alerts/cpujul2020.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - July 2020","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html","name":"openSUSE-SU-2020:0341","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2020:0341-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202003-57","name":"GLSA-202003-57","refsource":"GENTOO","tags":[],"title":"PHP: Multiple vulnerabilities (GLSA 202003-57) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.tenable.com/security/tns-2021-14","name":"https://www.tenable.com/security/tns-2021-14","refsource":"CONFIRM","tags":[],"title":"[R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2020/dsa-4628","name":"DSA-4628","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4628-1 php7.0","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2020/dsa-4626","name":"DSA-4626","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4626-1 php7.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2021/Jan/3","name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20200221-0002/","name":"https://security.netapp.com/advisory/ntap-20200221-0002/","refsource":"CONFIRM","tags":[],"title":"February 2020 PHP Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/4279-1/","name":"USN-4279-1","refsource":"UBUNTU","tags":[],"title":"USN-4279-1: PHP vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2020/Feb/31","name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: [SECURITY] [DSA 4628-1] php7.0 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","name":"https://www.oracle.com/security-alerts/cpuApr2021.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - April 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-7059","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7059","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Reported by wxhusst at gmail dot com","lang":""}],"nvd_cpes":[{"cve_year":"2020","cve_id":"7059","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"7059","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"15.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"7059","vulnerable":"1","versionEndIncluding":"8.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_diameter_signaling_router","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"7059","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"7059","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"7059","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tenable","cpe5":"tenable.sc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-7059","qid":"296076","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 19.3.0 Missing (CPUJAN2020)"},{"cve":"CVE-2020-7059","qid":"501135","title":"Alpine Linux Security Update for php7"},{"cve":"CVE-2020-7059","qid":"752878","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4067-1)"},{"cve":"CVE-2020-7059","qid":"940250","title":"AlmaLinux Security Update for php:7.3 (ALSA-2020:3662)"},{"cve":"CVE-2020-7059","qid":"960421","title":"Rocky Linux Security Update for php:7.3 (RLSA-2020:3662)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"security@php.net","ID":"CVE-2020-7059","DATE_PUBLIC":"2020-01-21T15:21:00.000Z","STATE":"PUBLIC","TITLE":"OOB read in php_strip_tags_ex"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_affected":"<","version_name":"7.2.x","version_value":"7.2.27"},{"version_affected":"<","version_name":"7.3.x","version_value":"7.3.14"},{"version_affected":"<","version_name":"7.4.x","version_value":"7.4.2"}]}}]},"vendor_name":"PHP Group"}]}},"credit":[{"lang":"eng","value":"Reported by wxhusst at gmail dot com"}],"description":{"description_data":[{"lang":"eng","value":"When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-125 Out-of-bounds Read"}]}]},"references":{"reference_data":[{"refsource":"BUGTRAQ","name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","url":"https://seclists.org/bugtraq/2020/Feb/27"},{"refsource":"DEBIAN","name":"DSA-4626","url":"https://www.debian.org/security/2020/dsa-4626"},{"refsource":"UBUNTU","name":"USN-4279-1","url":"https://usn.ubuntu.com/4279-1/"},{"refsource":"DEBIAN","name":"DSA-4628","url":"https://www.debian.org/security/2020/dsa-4628"},{"refsource":"BUGTRAQ","name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","url":"https://seclists.org/bugtraq/2020/Feb/31"},{"refsource":"MLIST","name":"[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update","url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html"},{"refsource":"SUSE","name":"openSUSE-SU-2020:0341","url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html"},{"refsource":"GENTOO","name":"GLSA-202003-57","url":"https://security.gentoo.org/glsa/202003-57"},{"url":"https://www.oracle.com/security-alerts/cpujul2020.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"refsource":"MISC","url":"https://bugs.php.net/bug.php?id=79099","name":"https://bugs.php.net/bug.php?id=79099"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20200221-0002/","url":"https://security.netapp.com/advisory/ntap-20200221-0002/"},{"refsource":"BUGTRAQ","name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","url":"https://seclists.org/bugtraq/2021/Jan/3"},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"refsource":"CONFIRM","name":"https://www.tenable.com/security/tns-2021-14","url":"https://www.tenable.com/security/tns-2021-14"}]},"source":{"defect":["https://bugs.php.net/bug.php?id=79099"],"discovery":"EXTERNAL"},"work_around":[{"lang":"eng","value":"Usage of fgetss() has been DEPRECATED as of PHP 7.3.0. Please use strip_tags() or other means sanitizing HTML code. "}]},"nvd":{"publishedDate":"2020-02-10 08:15:00","lastModifiedDate":"2022-07-01 12:42:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":9.1,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":6.4},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.27","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.3.14","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*","versionEndExcluding":"5.19.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndIncluding":"8.4","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"7059","Ordinal":"167330","Title":"CVE-2020-7059","CVE":"CVE-2020-7059","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"7059","Ordinal":"1","NoteData":"When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"7059","Ordinal":"2","NoteData":"2020-02-10","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"7059","Ordinal":"3","NoteData":"2021-07-22","Type":"Other","Title":"Modified"}]}}}