---

CVE-2020-7071 - log back

CVE-2020-7071 edited at 07 Jan 2021 18:09:12
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Insufficient validation
Description	+ A security issue was found in the php_url_parse_ex() function in PHP, which leads to FILTER_VALIDATE_URL accepting URLs with invalid userinfo. It is fixed in versions 8.0.1, 7.4.14 and 7.3.26.
References	+ https://bugs.php.net/bug.php?id=77423 + https://git.php.net/?p=php-src.git;a=commitdiff;h=b7f837381ef642d7fb369bfd0069e7525d4c22ea + https://git.php.net/?p=php-src.git;a=commitdiff;h=5346d0ae69f290c7704a39cd10a574a2d661f05a + https://git.php.net/?p=php-src.git;a=commitdiff;h=d4f5aed22193106271510efd643ba8f349b7d85f
Notes

CVE-2020-7071 created at 07 Jan 2021 17:51:40