CVE-2020-7066

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-7066
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7066.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-7066
Aliases
Downstream
Related
Published
2020-04-01T04:15:14.020Z
Modified
2026-04-16T04:30:41.268665814Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using getheaders() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the getheaders() and possibly send some information to a wrong server.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
8148cbb78841c8ec0759c0836e7f35dec799d300
Fixed
cc274342d26942fc162aff6203e23372b5715d80
Introduced
52ace952a1b65ca80fc2617f11c2fa6dd03f51bd
Fixed
4e330d3d488c232ad5f9769f1fa9471c9b5ad088
Introduced
3c7824e16ec4c3cee417262445d2c2b66531c10f
Fixed
acfdeccb2ee5821138a8d68b12177daff1e63e41
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5dc92c2117cafc61daaaaa240fd46c3ac33872a4
Database specific 
{
    "versions": [
        {
            "introduced": "7.2.0"
        },
        {
            "fixed": "7.2.29"
        },
        {
            "introduced": "7.3.0"
        },
        {
            "fixed": "7.3.16"
        },
        {
            "introduced": "7.4.0"
        },
        {
            "fixed": "7.4.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        }
    ]
}

Affected versions

Other
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
php-7.*
php-7.3.16RC1
php-8.*
php-8.0.0

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "5.19.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.19.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7066.json"