CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7070

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.229

EPSS Ranking 95.6%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 5.0

References

Products affected by CVE-2020-7070

Netapp » Clustered Data Ontap » Version: N/A

cpe:2.3:a:netapp:clustered_data_ontap:-
Php » Php » Version: 7.2.0

cpe:2.3:a:php:php:7.2.0
Php » Php » Version: 7.2.1

cpe:2.3:a:php:php:7.2.1
Php » Php » Version: 7.2.10

cpe:2.3:a:php:php:7.2.10
Php » Php » Version: 7.2.11

cpe:2.3:a:php:php:7.2.11
Php » Php » Version: 7.2.12

cpe:2.3:a:php:php:7.2.12
Php » Php » Version: 7.2.13

cpe:2.3:a:php:php:7.2.13
Php » Php » Version: 7.2.14

cpe:2.3:a:php:php:7.2.14
Php » Php » Version: 7.2.15

cpe:2.3:a:php:php:7.2.15
Php » Php » Version: 7.2.16

cpe:2.3:a:php:php:7.2.16
Php » Php » Version: 7.2.17

cpe:2.3:a:php:php:7.2.17
Php » Php » Version: 7.2.18

cpe:2.3:a:php:php:7.2.18
Php » Php » Version: 7.2.19

cpe:2.3:a:php:php:7.2.19
Php » Php » Version: 7.2.2

cpe:2.3:a:php:php:7.2.2
Php » Php » Version: 7.2.20

cpe:2.3:a:php:php:7.2.20
Php » Php » Version: 7.2.21

cpe:2.3:a:php:php:7.2.21
Php » Php » Version: 7.2.22

cpe:2.3:a:php:php:7.2.22
Php » Php » Version: 7.2.23

cpe:2.3:a:php:php:7.2.23
Php » Php » Version: 7.2.24

cpe:2.3:a:php:php:7.2.24
Php » Php » Version: 7.2.25

cpe:2.3:a:php:php:7.2.25
Php » Php » Version: 7.2.26

cpe:2.3:a:php:php:7.2.26
Php » Php » Version: 7.2.27

cpe:2.3:a:php:php:7.2.27
Php » Php » Version: 7.2.29

cpe:2.3:a:php:php:7.2.29
Php » Php » Version: 7.2.3

cpe:2.3:a:php:php:7.2.3
Php » Php » Version: 7.2.30

cpe:2.3:a:php:php:7.2.30
Php » Php » Version: 7.2.31

cpe:2.3:a:php:php:7.2.31
Php » Php » Version: 7.2.32

cpe:2.3:a:php:php:7.2.32
Php » Php » Version: 7.2.33

cpe:2.3:a:php:php:7.2.33
Php » Php » Version: 7.2.4

cpe:2.3:a:php:php:7.2.4
Php » Php » Version: 7.2.5

cpe:2.3:a:php:php:7.2.5
Php » Php » Version: 7.2.6

cpe:2.3:a:php:php:7.2.6
Php » Php » Version: 7.2.7

cpe:2.3:a:php:php:7.2.7
Php » Php » Version: 7.2.8

cpe:2.3:a:php:php:7.2.8
Php » Php » Version: 7.2.9

cpe:2.3:a:php:php:7.2.9
Php » Php » Version: 7.3.0

cpe:2.3:a:php:php:7.3.0
Php » Php » Version: 7.3.1

cpe:2.3:a:php:php:7.3.1
Php » Php » Version: 7.3.10

cpe:2.3:a:php:php:7.3.10
Php » Php » Version: 7.3.11

cpe:2.3:a:php:php:7.3.11
Php » Php » Version: 7.3.12

cpe:2.3:a:php:php:7.3.12
Php » Php » Version: 7.3.13

cpe:2.3:a:php:php:7.3.13
Php » Php » Version: 7.3.14

cpe:2.3:a:php:php:7.3.14
Php » Php » Version: 7.3.15

cpe:2.3:a:php:php:7.3.15
Php » Php » Version: 7.3.16

cpe:2.3:a:php:php:7.3.16
Php » Php » Version: 7.3.17

cpe:2.3:a:php:php:7.3.17
Php » Php » Version: 7.3.18

cpe:2.3:a:php:php:7.3.18
Php » Php » Version: 7.3.19

cpe:2.3:a:php:php:7.3.19
Php » Php » Version: 7.3.2

cpe:2.3:a:php:php:7.3.2
Php » Php » Version: 7.3.20

cpe:2.3:a:php:php:7.3.20
Php » Php » Version: 7.3.21

cpe:2.3:a:php:php:7.3.21
Php » Php » Version: 7.3.22

cpe:2.3:a:php:php:7.3.22
Php » Php » Version: 7.3.3

cpe:2.3:a:php:php:7.3.3
Php » Php » Version: 7.3.4

cpe:2.3:a:php:php:7.3.4
Php » Php » Version: 7.3.5

cpe:2.3:a:php:php:7.3.5
Php » Php » Version: 7.3.6

cpe:2.3:a:php:php:7.3.6
Php » Php » Version: 7.3.7

cpe:2.3:a:php:php:7.3.7
Php » Php » Version: 7.3.8

cpe:2.3:a:php:php:7.3.8
Php » Php » Version: 7.3.9

cpe:2.3:a:php:php:7.3.9
Php » Php » Version: 7.4.0

cpe:2.3:a:php:php:7.4.0
Php » Php » Version: 7.4.1

cpe:2.3:a:php:php:7.4.1
Php » Php » Version: 7.4.10

cpe:2.3:a:php:php:7.4.10
Php » Php » Version: 7.4.2

cpe:2.3:a:php:php:7.4.2
Php » Php » Version: 7.4.3

cpe:2.3:a:php:php:7.4.3
Php » Php » Version: 7.4.4

cpe:2.3:a:php:php:7.4.4
Php » Php » Version: 7.4.5

cpe:2.3:a:php:php:7.4.5
Php » Php » Version: 7.4.6

cpe:2.3:a:php:php:7.4.6
Php » Php » Version: 7.4.7

cpe:2.3:a:php:php:7.4.7
Php » Php » Version: 7.4.8

cpe:2.3:a:php:php:7.4.8
Php » Php » Version: 7.4.9

cpe:2.3:a:php:php:7.4.9
Tenable » Tenable.sc » Version: N/A

cpe:2.3:a:tenable:tenable.sc:-
Tenable » Tenable.sc » Version: 5.13.0

cpe:2.3:a:tenable:tenable.sc:5.13.0
Tenable » Tenable.sc » Version: 5.14.0

cpe:2.3:a:tenable:tenable.sc:5.14.0
Tenable » Tenable.sc » Version: 5.14.1

cpe:2.3:a:tenable:tenable.sc:5.14.1
Tenable » Tenable.sc » Version: 5.16.0

cpe:2.3:a:tenable:tenable.sc:5.16.0
Tenable » Tenable.sc » Version: 5.17.0

cpe:2.3:a:tenable:tenable.sc:5.17.0
Tenable » Tenable.sc » Version: 5.18.0

cpe:2.3:a:tenable:tenable.sc:5.18.0
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 16.04

cpe:2.3:o:canonical:ubuntu_linux:16.04
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 20.04

cpe:2.3:o:canonical:ubuntu_linux:20.04
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0
Fedoraproject » Fedora » Version: 31

cpe:2.3:o:fedoraproject:fedora:31
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32
Fedoraproject » Fedora » Version: 33

cpe:2.3:o:fedoraproject:fedora:33
Opensuse » Leap » Version: 15.1

cpe:2.3:o:opensuse:leap:15.1
Opensuse » Leap » Version: 15.2

cpe:2.3:o:opensuse:leap:15.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7070

Products

Pricing

Contact Us