Description
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
Remediation
References
Related Vulnerabilities
WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)
WordPress Plugin Simple Image Sizes Unspecified Vulnerability (2.2.4)
MySQL CVE-2020-14702 Vulnerability (CVE-2020-14702)
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-4322)