CVE-2019-9020 vulnerability in NetApp and Other Products
Published on February 22, 2019

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-9020

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-9020 are published in these products:

NetApp Storage Automation Store

PHP

Canonical Ubuntu Linux

Debian Linux

OpenSuse Leap

Exploit Probability

EPSS

2.39%

Percentile

84.99%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-9020 vulnerability in NetApp and Other ProductsPublished on February 22, 2019

Products Associated with CVE-2019-9020

Exploit Probability

CVE-2019-9020 vulnerability in NetApp and Other Products
Published on February 22, 2019