[Forgot Password]
Login  Register Subscribe

26408

 
 

132812

 
 

153671

 
 

909

 
 

123630

 
 

162

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2020-7069 -- php7.3, php7.0

ID: oval:org.secpod.oval:def:2003693Date: (C)2020-10-08   (M)2020-11-24
Class: VULNERABILITYFamily: unix




In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.

Platform:
Debian 10.x
Debian 9.x
Product:
php7.3
php7.0
Reference:
CVE-2020-7069
CVE    1
CVE-2020-7069
CPE    2
cpe:/o:debian:debian_linux:9.x
cpe:/a:php:php7.0

© SecPod Technologies