php7 is vulnerable to denial of service. When HTTP file uploads are allowed, overly long filenames or field names could cause the engine to allocate oversized memory storage and stop further processes when the memory limit is hit. This results in the accumulation of uncleaned temporary files exhausting the disk space on the target server.
lists.opensuse.org/opensuse-security-announce/2020-06/msg00045.html
bugs.php.net/bug.php?id=78875
bugs.php.net/bug.php?id=78876
lists.debian.org/debian-lts-announce/2020/06/msg00033.html
lists.fedoraproject.org/archives/list/[email protected]/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/
lists.fedoraproject.org/archives/list/[email protected]/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/
security.netapp.com/advisory/ntap-20200528-0006/
usn.ubuntu.com/4375-1/
www.debian.org/security/2020/dsa-4717
www.debian.org/security/2020/dsa-4719
www.oracle.com/security-alerts/cpuApr2021.html
www.oracle.com/security-alerts/cpuoct2020.html