CVE-2020-7066— get_headers() silently truncates after a null byte
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-7066
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
get_headers() silently truncates after a null byte
Source: NVD (National Vulnerability Database)
Vulnerability Description
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不恰当的空终结符
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP(PHP:Hypertext Preprocessor,PHP:超文本预处理器)是PHPGroup和开放源代码社区的共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发,支持多种数据库及操作系统。 PHP 7.2.29之前的7.2.x版本、7.3.16之前的7.3.x版本和7.4.4之前的7.4.x版本中的‘get_headers()’函数存在安全漏洞。攻击者可利用该漏洞造成信息泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2020-7066
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-7066
请登录查看更多情报信息。
- https://bugs.php.net/bug.php?id=79329x_refsource_MISC
- https://security.netapp.com/advisory/ntap-20200403-0001/x_refsource_CONFIRM
- https://www.tenable.com/security/tns-2021-14x_refsource_CONFIRM
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2020-7066
Same Patch Batch · PHP Group · 2020-04-01 · 3 CVEs total
| CVE-2020-7065 | 7.4 HIGH | mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full |
| CVE-2020-7064 | 6.5 MEDIUM | Use-of-uninitialized-value in exif |
IV. Related Vulnerabilities
Same product: PHP
Same vendor: PHP Group
Same weakness: CWE-170
- CVE-2026-34032
Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due - CVE-2026-40334
libgphoto2 missing null termination in ptp_unpack_Canon_FE() - CVE-2026-33948
jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Pr - CVE-2026-2239
Gimp: gimp: application crash (dos) via crafted psd file due - CVE-2026-32837
mackron / miniaudio Out-of-Bounds Read in BEXT Coding Histor
V. Comments for CVE-2020-7066
No comments yet