Description
ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call.
Remediation
References
Related Vulnerabilities
WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1)
Play Framework Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12480)
WordPress Plugin Beer Recipes Cross-Site Scripting (1.0)
GlassFish CVE-2017-10385 Vulnerability (CVE-2017-10385)
MongoDb Integer Overflow or Wraparound Vulnerability (CVE-2019-2392)