13 matches found
Astra Linux - уязвимость в php8.1, php7.3
In PHP versions 8.1. before 8.1.29, and 8.2. before 8.2.20, and 8.3. before 8.3.8, due to a code logic error, filtering functions such as filterVar when validating URLs using FILTERVALIDATEURL will result in invalid user information such as username and password parts of URLs being treated as val...
BIT-LIBPHP-2020-7071 FILTER_VALIDATE_URL accepts URLs with invalid userinfo
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong dat...
php: Filter bypass in filter_var (FILTER_VALIDATE_URL)
A flaw was found in PHP. An early return in the filtervar FILTERVALIDATEURL function results in invalid user information username + password part of URLs being treated as valid user information. This issue impacts users who expect only completely valid URLs to be returned by filtervar...
php: Filter bypass in filter_var (FILTER_VALIDATE_URL)
A flaw was found in PHP. An early return in the filtervar FILTERVALIDATEURL function results in invalid user information username + password part of URLs being treated as valid user information. This issue impacts users who expect only completely valid URLs to be returned by filtervar...
php: Filter bypass in filter_var (FILTER_VALIDATE_URL)
A flaw was found in PHP. An early return in the filtervar FILTERVALIDATEURL function results in invalid user information username + password part of URLs being treated as valid user information. This issue impacts users who expect only completely valid URLs to be returned by filtervar...
UBUNTU-CVE-2024-5458
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
AZL-42438 CVE-2024-5458 affecting package php for versions less than 8.3.8-1
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong dat...
php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong dat...
OPENSUSE-SU-2021:0106-1 Security update for php7
This update for php7 fixes the following issue: - CVE-2020-7071: Fixed an insufficient filter in parseurl that accepted URLs with invalid userinfo bsc1180706. This update was imported from the SUSE:SLE-15-SP2:Update update project...
SUSE-SU-2021:0126-1 Security update for php74
This update for php74 fixes the following issue: - CVE-2020-7071: Fixed an insufficient filter in parseurl that accepted URLs with invalid userinfo bsc1180706...
SUSE-SU-2021:0124-1 Security update for php7
This update for php7 fixes the following issue: - CVE-2020-7071: Fixed an insufficient filter in parseurl that accepted URLs with invalid userinfo bsc1180706...
PHP Input Validation Error Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHP community. The language is primarily used for web development and supports a variety of databases and operating systems. PHP suffers from an input validation error...