PHP Security Center | Zend by Perforce

CVE	Type	Subject	Date	Affected Versions
CVE-2021-21703	Privilege Escalation	CVE-2021-21703 php: Local privilege escalation via PHP-FPM	2021-10-20	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.34 7.3.0 - 7.3.31 7.4.0 - 7.4.24 8.0.0 - 8.0.11
CVE-2021-21702	Denial of Service	CVE-2021-21702 php: NULL pointer dereference in SoapClient	2021-01-26	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.34 7.3.0 - 7.3.26 7.4.0 - 7.4.14 8.0.0 - 8.0.1
CVE-2020-7071	Remote File Inclusion	CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo	2021-01-03	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.34 7.3.0 - 7.3.25 7.4.0 - 7.4.13 8.0.0
CVE-2020-7068	Information Disclosure	CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function	2020-08-06	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.32 7.3.0 - 7.3.20 7.4.0 - 7.4.8
CVE-2020-7067	Information Disclosure	out-of-bounds read when using a malformed url-encoded string	2020-04-10	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.29 7.3.0 - 7.3.16 7.4.0 - 7.4.4
CVE-2020-7064	Information Disclosure	information disclosure in exif_read_data() function	2020-04-01	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.8 7.3.0 - 7.3.15 7.4.0 - 7.4.3
CVE-2020-7065	Remote Code Execution	by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution	2020-04-01	7.3.0 - 7.3.15 7.4.0 - 7.4.3
CVE-2020-7066	Information Disclosure	information disclosure in function get_headers	2020-04-01	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.3 - 7.1.33 7.2.0 - 7.2.8 7.3.0 - 7.3.15 7.4.0 - 7.4.3
CVE-2020-7062	Denial of Service	NULL pointer dereference in PHP session upload progress	2020-02-04	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.27 7.3.0 - 7.3.14 7.4.0 - 7.4.2
CVE-2020-7061	Information Disclosure	heap-based buffer overflow in phar_extract_file	2020-01-26	7.3.0 - 7.3.14 7.4.0 - 7.4.2