Lucene search
Redhat.comRH:CVE-2016-10397HistoryJul 17, 2017 - 1:48 p.m.
CVE-2016-10397
2017-07-1713:48:32
redhat.com
access.redhat.com
18
0.005 Low
EPSS
Percentile
76.6%
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:[email protected]/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).
Related
cve
cve
CVE-2016-10397
2017-07-10 14:29:00
osv
osv
CVE-2016-10397
2017-07-10 14:29:00
php5 - security update
2017-07-21 00:00:00
cvelist
cvelist
CVE-2016-10397
2017-07-10 14:00:00
nvd
nvd
CVE-2016-10397
2017-07-10 14:29:00
ubuntucve
ubuntucve
CVE-2016-10397
2017-07-10 00:00:00
ibm
ibm
debiancve
debiancve
CVE-2016-10397
2017-07-10 14:29:00
prion
prion
Code injection
2017-07-10 14:29:00
openvas
openvas
PHP Multiple Vulnerabilities (Nov 2016) - Windows
2017-07-13 00:00:00
PHP Multiple Vulnerabilities (Nov 2016) - Linux
2017-07-13 00:00:00
Debian: Security Advisory (DLA-1034-1)
2018-02-07 00:00:00
debian
debian
[SECURITY] [DLA 1034-1] php5 security update
2017-07-21 11:45:57
nessus
nessus
Debian DLA-1034-1 : php5 security update
2017-07-24 00:00:00
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)
2019-01-02 00:00:00
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2317-1)
2019-01-02 00:00:00
f5
f5
K20289222 : Multiple PHP vulnerabilities
2017-08-08 00:00:00
suse
suse
Security update for php7 (important)
2017-09-04 12:07:53
Security update for php7 (important)
2017-08-30 19:30:52
ubuntu
ubuntu
PHP vulnerabilities
2017-12-18 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45