CVE-2020-7066 — MEDIUM (5.3)

Q: How severe is CVE-2020-7066?

CVE-2020-7066 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-7066?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Tenable Tenable.Sc, Opensuse Leap, Debian Debian Linux.

Vulnerability Description

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Php	Php	>= 7.2.0, < 7.2.29
Tenable	Tenable.Sc	< 5.19.0
Opensuse	Leap	15.1
Debian	Debian Linux	8.0

Related Weaknesses (CWE)

CWE-170

References

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.htmlThird Party Advisory
https://bugs.php.net/bug.php?id=79329ExploitIssue TrackingPatch
https://lists.debian.org/debian-lts-announce/2020/04/msg00021.htmlThird Party Advisory
https://security.netapp.com/advisory/ntap-20200403-0001/Third Party Advisory
https://usn.ubuntu.com/4330-2/Third Party Advisory
https://www.debian.org/security/2020/dsa-4717Third Party Advisory
https://www.debian.org/security/2020/dsa-4719Third Party Advisory
https://www.tenable.com/security/tns-2021-14PatchThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.htmlThird Party Advisory
https://bugs.php.net/bug.php?id=79329ExploitIssue TrackingPatch
https://lists.debian.org/debian-lts-announce/2020/04/msg00021.htmlThird Party Advisory
https://security.netapp.com/advisory/ntap-20200403-0001/Third Party Advisory
https://usn.ubuntu.com/4330-2/Third Party Advisory
https://www.debian.org/security/2020/dsa-4717Third Party Advisory
https://www.debian.org/security/2020/dsa-4719Third Party Advisory

FAQ

What is CVE-2020-7066?

CVE-2020-7066 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently trunca...

How severe is CVE-2020-7066?

CVE-2020-7066 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-7066?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Tenable Tenable.Sc, Opensuse Leap, Debian Debian Linux.