exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 22

GHSA-3237-qqm7-mfv7

3 месяца назад

Information Leak of Memory in getimagesize

EPSS: Низкий

CVE-2025-14177

3 месяца назад

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-14177

3 месяца назад

CVSS3: 3.7

EPSS: Низкий

CVE-2025-14177

3 месяца назад

CVSS3: 7.5

EPSS: Низкий

CVE-2025-14177

3 месяца назад

Information Leak of Memory in getimagesize

CVSS3: 3.7

EPSS: Низкий

CVE-2025-14177

3 месяца назад

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before ...

CVSS3: 7.5

EPSS: Низкий

BDU:2026-02748

4 месяца назад

Уязвимость функции php_read_stream_all_chunks языка программирования PHP, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 3.7

EPSS: Низкий

RLSA-2026:2799

29 дней назад

Moderate: php security update

EPSS: Низкий

ELSA-2026-2799

около 1 месяца назад

ELSA-2026-2799: php security update (MODERATE)

EPSS: Низкий

openSUSE-SU-2026:20113-1

около 2 месяцев назад

Security update for php8

EPSS: Низкий

SUSE-SU-2026:0086-1

3 месяца назад

Security update for php8

EPSS: Низкий

SUSE-SU-2026:0071-1

3 месяца назад

Security update for php8

EPSS: Низкий

RLSA-2026:1628

около 2 месяцев назад

Important: php security update

EPSS: Низкий

RLSA-2026:1429

около 2 месяцев назад

Important: php:8.3 security update

EPSS: Низкий

ELSA-2026-1628

около 2 месяцев назад

ELSA-2026-1628: php security update (IMPORTANT)

EPSS: Низкий

ELSA-2026-1429

около 2 месяцев назад

ELSA-2026-1429: php:8.3 security update (IMPORTANT)

EPSS: Низкий

RLSA-2026:1412

около 2 месяцев назад

Important: php:8.2 security update

EPSS: Низкий

RLSA-2026:1409

около 2 месяцев назад

Important: php:8.2 security update

EPSS: Низкий

ELSA-2026-1412

около 2 месяцев назад

ELSA-2026-1412: php:8.2 security update (IMPORTANT)

EPSS: Низкий

ELSA-2026-1409

около 2 месяцев назад

ELSA-2026-1409: php:8.2 security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-3237-qqm7-mfv7 Information Leak of Memory in getimagesize		0% Низкий	3 месяца назад
CVE-2025-14177 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.	CVSS3: 7.5	0% Низкий	3 месяца назад
CVE-2025-14177 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.	CVSS3: 3.7	0% Низкий	3 месяца назад
CVE-2025-14177 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.	CVSS3: 7.5	0% Низкий	3 месяца назад
CVE-2025-14177 Information Leak of Memory in getimagesize	CVSS3: 3.7	0% Низкий	3 месяца назад
CVE-2025-14177 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before ...	CVSS3: 7.5	0% Низкий	3 месяца назад
BDU:2026-02748 Уязвимость функции php_read_stream_all_chunks языка программирования PHP, позволяющая нарушителю получить доступ к конфиденциальным данным	CVSS3: 3.7	0% Низкий	4 месяца назад
RLSA-2026:2799 Moderate: php security update			29 дней назад
ELSA-2026-2799 ELSA-2026-2799: php security update (MODERATE)			около 1 месяца назад
openSUSE-SU-2026:20113-1 Security update for php8			около 2 месяцев назад
SUSE-SU-2026:0086-1 Security update for php8			3 месяца назад
SUSE-SU-2026:0071-1 Security update for php8			3 месяца назад
RLSA-2026:1628 Important: php security update			около 2 месяцев назад
RLSA-2026:1429 Important: php:8.3 security update			около 2 месяцев назад
ELSA-2026-1628 ELSA-2026-1628: php security update (IMPORTANT)			около 2 месяцев назад
ELSA-2026-1429 ELSA-2026-1429: php:8.3 security update (IMPORTANT)			около 2 месяцев назад
RLSA-2026:1412 Important: php:8.2 security update			около 2 месяцев назад
RLSA-2026:1409 Important: php:8.2 security update			около 2 месяцев назад
ELSA-2026-1412 ELSA-2026-1412: php:8.2 security update (IMPORTANT)			около 2 месяцев назад
ELSA-2026-1409 ELSA-2026-1409: php:8.2 security update (IMPORTANT)			около 2 месяцев назад

Уязвимостей на страницу