CVE-2021-21705 in SD-WAN Aware정보

요약

\~에 의해 MITRE • 2021. 10. 04.

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

PHP Group

예약하다

2021. 01. 04.

공개

2021. 10. 04.

모더레이션

수락

항목

연결하다

보여 주다

CPE

준비됨

CWE

CWE-20 (확인됨)

CVSS

5.3 (NVD)

EPSS

0.00294

KEV

아니요

활동

매우 낮음

부문

Pharma, Chemical, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2021-21705
NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-21705
CVE Details	https://www.cvedetails.com/cve/CVE-2021-21705/

◂ 이전 개요 다음 ▸

Interested in the pricing of exploits?

See the underground prices here!