PHP Security Center | Zend by Perforce

CVE	Type	Subject	Date	Affected Versions
CVE-2021-21702	Denial of Service	CVE-2021-21702 php: NULL pointer dereference in SoapClient	2021-01-26	7.3.0 - 7.3.26 7.4.0 - 7.4.14 8.0.0 - 8.0.1
CVE-2020-7071	Cross-Site Request Forgery	CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo	2021-01-03	5.6 7.0 7.1 7.2 7.3.0 - 7.3.25 7.4.0 - 7.4.13 8.0.0
CVE-2020-7068	Information Disclosure	CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function	2020-08-06	7.2.0 - 7.2.32 7.3.0 - 7.3.20 7.4.0 - 7.4.8
CVE-2020-7070	Cross-Site Request Forgery	CVE-2020-7070 php: PHP parses encoded cookie names so malicious `__Host-` cookies can be sent	2020-06-14	7.2.0 - 7.2.33 7.3.0 - 7.3.22 7.4.0 - 7.4.10
CVE-2020-7067	Information Disclosure	out-of-bounds read when using a malformed url-encoded string	2020-04-10	7.2.0 - 7.2.29 7.3.0 - 7.3.16 7.4.0 - 7.4.4
CVE-2020-7064	Information Disclosure	information disclosure in exif_read_data() function	2020-04-01	7.2.0 - 7.2.8 7.3.0 - 7.3.15 7.4.0 - 7.4.3
CVE-2020-7065	Remote Code Execution	by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution	2020-04-01	7.3.0 - 7.3.15 7.4.0 - 7.4.3
CVE-2020-7066	Remote File Inclusion	information disclosure in function get_headers	2020-04-01	7.2.0 - 7.2.8 7.3.0 - 7.3.15 7.4.0 - 7.4.3
CVE-2020-7062	Denial of Service	NULL pointer dereference in PHP session upload progress	2020-02-04	7.2.0 - 7.2.27 7.3.0 - 7.3.14 7.4.0 - 7.4.2
CVE-2020-7061	Information Disclosure	heap-based buffer overflow in phar_extract_file	2020-01-26	7.3.0 - 7.3.14 7.4.0 - 7.4.2