In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.

References

bugzilla.redhat.com/show_bug.cgi?id=1885738

nvd.nist.gov/vuln/detail/CVE-2020-7070

www.cve.org/CVERecord?id=CVE-2020-7070

osv 15

ubuntucve 2

nessus 50

f5 1

prion 2

alpinelinux 1

cve 2

debiancve 2

friendsofphp 1

amazon 1

github 2

openvas 34

debian 4

hackerone 2

ibm 3

mageia 2

redhatcve 1

veracode 2

rubygems 2

ubuntu 5

fedora 3

suse 5

altlinux 2

gentoo 1

redhat 3

rocky 1

oraclelinux 1

almalinux 1

cloudlinux 1

osv

BIT-php-2020-7070

2024-03-06 11:05:57

CVE-2020-7070

2020-10-02 15:15:12

ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

2022-09-16 18:48:53

ubuntucve

CVE-2020-7070

2020-10-02 00:00:00

CVE-2020-8184

2020-06-19 00:00:00

nessus

SUSE SLES11 Security Update : php53 (SUSE-SU-2020:14516-1)

2021-06-10 00:00:00

Ubuntu 20.10 : PHP vulnerabilities (USN-4583-2)

2020-10-27 00:00:00

Amazon Linux AMI : php72 (ALAS-2020-1440)

2020-10-28 00:00:00

K11435435 : PHP vulnerability CVE-2020-7070

2020-10-22 00:00:00

prion

Information disclosure

2020-10-02 15:15:00

Input validation

2020-06-19 17:15:00

alpinelinux

CVE-2020-7070

2020-10-02 15:15:00

cve

CVE-2020-7070

2020-10-02 15:15:00

CVE-2020-8184

2020-06-19 17:15:00

debiancve

CVE-2020-7070

2020-10-02 15:15:00

CVE-2020-8184

2020-06-19 17:15:00

friendsofphp

ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

2022-08-20 11:11:00

amazon

Medium: php72, php73

2020-10-26 18:16:00

github

ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

2022-09-16 18:48:53

Rack allows Percent-encoded cookies to overwrite existing prefixed cookie names

2020-06-24 17:15:00

openvas

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-2316)

2020-11-02 00:00:00

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2021-1566)

2021-03-05 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:2920-1)

2021-06-09 00:00:00

debian

[SECURITY] [DLA 2397-1] php7.0 security update

2020-10-06 21:42:36

[SECURITY] [DLA 2275-1] ruby-rack security update

2020-07-10 19:56:49

[SECURITY] [DLA 3298-1] ruby-rack security update

2023-01-30 21:54:32

hackerone

Ruby on Rails: Rack parses encoded cookie names allowing an attacker to send malicious `__Host-` and `__Secure-` prefixed cookies

2020-06-10 23:58:33

Internet Bug Bounty: Ruby CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse

2022-01-30 07:31:32

ibm

Security Bulletin: IBM API Connect is vulnerable to cookie forgery via PHP (CVE-2020-7070)

2021-04-28 20:38:52

Security Bulletin: Aspera on Cloud CVE-2020-8184

2020-09-28 20:47:48

Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9.

2020-10-01 13:30:25

mageia

Updated php packages fix a security vulnerability

2020-10-16 20:04:43

Updated ruby-rack packages fix security vulnerability

2020-08-01 02:25:42

redhatcve

CVE-2020-8184

2020-06-19 16:56:13

veracode

Insecure Cookie Parsing

2020-06-16 07:11:11

Cookie Injection

2020-10-02 06:07:42

rubygems

Percent-encoded cookies can be used to overwrite existing prefixed cookie names

2020-06-14 21:00:00

Cookie Prefix Spoofing in CGI::Cookie.parse

2021-11-23 21:00:00

ubuntu

Rack vulnerabilities

2021-04-06 00:00:00

PHP vulnerabilities

2020-10-27 00:00:00

PHP vulnerabilities

2020-10-14 00:00:00

fedora

[SECURITY] Fedora 31 Update: php-7.3.23-1.fc31

2020-10-07 20:45:40

[SECURITY] Fedora 33 Update: php-7.4.11-1.fc33

2020-10-04 00:16:01

[SECURITY] Fedora 32 Update: php-7.4.11-1.fc32

2020-10-07 20:37:09

suse

Security update for rubygem-rack (moderate)

2022-09-23 00:00:00

Security update for php7 (important)

2020-10-29 00:00:00

Security update for php7 (important)

2020-10-20 00:00:00

altlinux

Security fix for the ALT Linux 9 package php7 version 7.3.23-alt1

2020-10-10 00:00:00

Security fix for the ALT Linux 8 package php7 version 7.2.34-alt1

2020-10-13 00:00:00

gentoo

PHP: Multiple vulnerabilities

2020-12-23 00:00:00

redhat

(RHSA-2021:4213) Moderate: php:7.4 security, bug fix, and enhancement update

2021-11-09 08:42:20

(RHSA-2021:2992) Moderate: rh-php73-php security, bug fix, and enhancement update

2021-08-03 08:11:09

(RHSA-2020:4366) Important: Satellite 6.8 release

2020-10-27 12:45:25

rocky

php:7.4 security, bug fix, and enhancement update

2021-11-09 08:42:20

oraclelinux

php:7.4 security, bug fix, and enhancement update

2021-11-16 00:00:00

almalinux

Moderate: php:7.4 security, bug fix, and enhancement update

2021-11-09 08:42:20

cloudlinux

Fix of 227 CVE

2020-10-15 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.7%

JSON

Related for RH:CVE-2020-7070