PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 889
CVE-2025-14178
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.
CVE-2025-14177
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.
CVE-2025-14178
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.
CVE-2025-14180
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
GHSA-www2-q4fc-65wf
Null byte termination in dns_get_record()
GHSA-8xr5-qppj-gvwj
NULL Pointer Dereference in PDO quoting
GHSA-h96m-rvf9-jgm2
Heap buffer overflow in array_merge()
GHSA-3237-qqm7-mfv7
Information Leak of Memory in getimagesize
BDU:2026-02749
Уязвимость функции php_array_merge_wrapper языка программирования PHP, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
BDU:2026-02748
Уязвимость функции php_read_stream_all_chunks языка программирования PHP, позволяющая нарушителю получить доступ к конфиденциальным данным
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2025-14178 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server. | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
 | CVE-2025-14177 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server. | CVSS3: 3.7 | 0% Низкий | 3 месяца назад |
| CVE-2025-14178 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server. | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
| CVE-2025-14180 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| GHSA-www2-q4fc-65wf Null byte termination in dns_get_record() | 3 месяца назад | ||
| GHSA-8xr5-qppj-gvwj NULL Pointer Dereference in PDO quoting | 0% Низкий | 3 месяца назад | |
| GHSA-h96m-rvf9-jgm2 Heap buffer overflow in array_merge() | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
| GHSA-3237-qqm7-mfv7 Information Leak of Memory in getimagesize | 0% Низкий | 3 месяца назад | |
 | BDU:2026-02749 Уязвимость функции php_array_merge_wrapper языка программирования PHP, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
| BDU:2026-02748 Уязвимость функции php_read_stream_all_chunks языка программирования PHP, позволяющая нарушителю получить доступ к конфиденциальным данным | CVSS3: 3.7 | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу