Lucene search
PRIOn knowledge basePRION:CVE-2020-7071HistoryFeb 15, 2021 - 4:15 a.m.
Design/Logic Flaw
2021-02-1504:15:00
PRIOn knowledge base
www.prio-n.com
9
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL.
Related
openvas
openvas
Fedora: Security Advisory for php (FEDORA-2021-ca0e53d310)
2021-01-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0126-1)
2021-06-09 00:00:00
nessus
nessus
Fedora 32 : php (2021-ca0e53d310)
2021-01-20 00:00:00
openSUSE Security Update : php7 (openSUSE-2021-106)
2021-01-25 00:00:00
SUSE SLES12 Security Update : php74 (SUSE-SU-2021:0126-1)
2021-01-15 00:00:00
nvd
nvd
CVE-2020-7071
2021-02-15 04:15:12
archlinux
archlinux
[ASA-202101-9] php: insufficient validation
2021-01-12 00:00:00
[ASA-202107-16] php7: multiple issues
2021-07-06 00:00:00
[ASA-202107-15] php: multiple issues
2021-07-06 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: php-7.4.14-1.fc33
2021-01-14 01:40:08
[SECURITY] Fedora 32 Update: php-7.4.14-1.fc32
2021-01-16 01:23:34
cve
cve
CVE-2020-7071
2021-02-15 04:15:12
osv
osv
CVE-2020-7071
2021-02-15 04:15:12
BIT-php-2020-7071
2024-03-06 11:05:46
php7.3 - security update
2021-02-17 00:00:00
alpinelinux
alpinelinux
CVE-2020-7071
2021-02-15 04:15:12
veracode
veracode
Privilege Escalation
2021-01-07 17:05:16
cbl_mariner
cbl_mariner
CVE-2020-7071 affecting package php 7.4.14-3
2024-07-05 21:08:40
suse
suse
Security update for php7 (moderate)
2021-01-18 00:00:00
Security update for php7 (moderate)
2021-01-17 00:00:00
mageia
mageia
Updated php packages fix security vulnerability
2021-01-14 18:13:25
cvelist
cvelist
CVE-2020-7071 FILTER_VALIDATE_URL accepts URLs with invalid userinfo
2021-01-04 00:00:00
debiancve
debiancve
CVE-2020-7071
2021-02-15 04:15:12
ubuntucve
ubuntucve
CVE-2020-7071
2021-02-15 00:00:00
redhatcve
redhatcve
CVE-2020-7071
2021-01-07 17:44:44
gentoo
gentoo
PHP: Multiple vulnerabilities
2021-05-26 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2021-07-13 00:00:00
PHP vulnerabilities
2021-07-07 00:00:00
redhat
redhat
debian
debian
[SECURITY] [DLA 2708-1] php7.0 security update
2021-07-15 13:01:58
[SECURITY] [DSA 4856-1] php7.3 security update
2021-02-17 22:08:33
oraclelinux
oraclelinux
php:7.4 security, bug fix, and enhancement update
2021-11-16 00:00:00
almalinux
almalinux
Moderate: php:7.4 security, bug fix, and enhancement update
2021-11-09 08:42:20
rocky
rocky
php:7.4 security, bug fix, and enhancement update
2021-11-09 08:42:20
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00