3 matches found
RHEL 8 : 7.2_php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php: Information disclosure in exifreaddata function CVE-2020-7064 - In PHP versions 7.2.x below 7.2.29,...
php: Information disclosure in function get_headers
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using getheaders with user-supplied URL, if the URL contains zero \0 character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the getheade...
PT-2020-2412 · Php +8 · Php +8
Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.28 PHP versions 7.3.x through 7.3.15 PHP versions 7.4.x through 7.4.3 Description: The issue is related to the implementation of the get headers function in PHP, which does not properly check user-supplied URLs...