Description
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
Remediation
References
Related Vulnerabilities
Jenkins Other Vulnerability (CVE-2020-2100)
Oracle Database Server CVE-2015-4923 Vulnerability (CVE-2015-4923)
PostgreSQL Other Vulnerability (CVE-1999-0862)
Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496)
Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187)