Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2016-10397HistoryJul 10, 2017 - 2:29 p.m.
CVE-2016-10397
2017-07-1014:29:00
Debian Security Bug Tracker
security-tracker.debian.org
11
0.005 Low
EPSS
Percentile
76.6%
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:[email protected]/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | php7.0 | < 7.0.33-0+deb9u8 | php7.0_7.0.33-0+deb9u8_all.deb |
Related
cve
cve
CVE-2016-10397
2017-07-10 14:29:00
osv
osv
CVE-2016-10397
2017-07-10 14:29:00
php5 - security update
2017-07-21 00:00:00
cvelist
cvelist
CVE-2016-10397
2017-07-10 14:00:00
nvd
nvd
CVE-2016-10397
2017-07-10 14:29:00
redhatcve
redhatcve
CVE-2016-10397
2017-07-17 13:48:32
ubuntucve
ubuntucve
CVE-2016-10397
2017-07-10 00:00:00
ibm
ibm
prion
prion
Code injection
2017-07-10 14:29:00
openvas
openvas
PHP Multiple Vulnerabilities (Nov 2016) - Linux
2017-07-13 00:00:00
PHP Multiple Vulnerabilities (Nov 2016) - Windows
2017-07-13 00:00:00
Debian: Security Advisory (DLA-1034-1)
2018-02-07 00:00:00
nessus
nessus
Debian DLA-1034-1 : php5 security update
2017-07-24 00:00:00
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)
2019-01-02 00:00:00
openSUSE Security Update : php5 (openSUSE-2017-1010)
2017-09-06 00:00:00
debian
debian
[SECURITY] [DLA 1034-1] php5 security update
2017-07-21 11:45:57
f5
f5
K20289222 : Multiple PHP vulnerabilities
2017-08-08 00:00:00
suse
suse
Security update for php7 (important)
2017-09-04 12:07:53
Security update for php7 (important)
2017-08-30 19:30:52
ubuntu
ubuntu
PHP vulnerabilities
2017-12-18 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45