1913846 – (CVE-2020-7071) CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

Bug 1913846 (CVE-2020-7071) - CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

Summary: CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2020-7071
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1913847 1923864 1923865 1923866 1923867 1923868 1977768
Blocks:	1913849
TreeView+	depends on / blocked

Reported:	2021-01-07 17:41 UTC by Guilherme de Almeida Suckevicz
Modified:	2021-11-09 17:45 UTC (History)
CC List:	6 users (show)
Fixed In Version:	php 7.3.27, php 7.4.15, php 8.0.2
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-08-03 13:07:06 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2021:2992	0	None	None	None	2021-08-03 09:15:55 UTC
Red Hat Product Errata	RHSA-2021:4213	0	None	None	None	2021-11-09 17:45:22 UTC

Description Guilherme de Almeida Suckevicz 2021-01-07 17:41:18 UTC

A security issue was found in the php_url_parse_ex() function in PHP, which leads to FILTER_VALIDATE_URL accepting URLs with invalid userinfo

Reference:
https://bugs.php.net/bug.php?id=77423

Comment 1 Guilherme de Almeida Suckevicz 2021-01-07 17:41:33 UTC

Created php tracking bugs for this issue:

Affects: fedora-all [bug 1913847]

Comment 2 Remi Collet 2021-01-29 07:28:48 UTC

PHP 7.3.26 includes a fix

https://github.com/php/php-src/commit/2d3d72412a6734e19a38ed10f385227a6238e4a6

But this fix introduces a BC break and have been reverted
and a new fix applied

https://github.com/php/php-src/commit/4a89e726bd4d0571991dc22a9a1ad4509e8fe347
https://github.com/php/php-src/commit/9c673083cd46ee2a954a62156acbe4b6e657c048

Will be part of upcoming 7.3.27

Comment 6 errata-xmlrpc 2021-08-03 09:15:53 UTC

This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2021:2992 https://access.redhat.com/errata/RHSA-2021:2992

Comment 7 Product Security DevOps Team 2021-08-03 13:07:06 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-7071

Comment 8 errata-xmlrpc 2021-11-09 17:45:21 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:4213 https://access.redhat.com/errata/RHSA-2021:4213

Note You need to log in before you can comment on or make changes to this bug.