Количество 18
Количество 18
GHSA-52jp-hrpf-2jff
Stream HTTP wrapper truncate redirect location to 1024 bytes
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1861
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* ...
BDU:2025-02835
Уязвимость интерпретатора языка программирования PHP, связанная с ошибкой числового усечения, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес или вызвать отказ в обслуживании
ELSA-2025-7431
ELSA-2025-7431: php security update (MODERATE)
SUSE-SU-2025:1026-1
Security update for php7
SUSE-SU-2025:1025-1
Security update for php7
SUSE-SU-2025:1012-1
Security update for php8
SUSE-SU-2025:0994-1
Security update for php8
ELSA-2025-7418
ELSA-2025-7418: php:8.3 security update (IMPORTANT)
ELSA-2025-7432
ELSA-2025-7432: php:8.2 security update (MODERATE)
ELSA-2025-4263
ELSA-2025-4263: php:8.1 security update (MODERATE)
ROS-20250430-12
Множественные уязвимости php 8.3
ROS-20250430-11
Множественные уязвимости php 8.2
ROS-20250430-10
Множественные уязвимости php 8.1
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-52jp-hrpf-2jff Stream HTTP wrapper truncate redirect location to 1024 bytes | 0% Низкий | 3 месяца назад | |
 | CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | 0% Низкий | 3 месяца назад | |
 | 0% Низкий | 3 месяца назад | ||
| CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* ... | 0% Низкий | 3 месяца назад | |
 | BDU:2025-02835 Уязвимость интерпретатора языка программирования PHP, связанная с ошибкой числового усечения, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес или вызвать отказ в обслуживании | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
| ELSA-2025-7431 ELSA-2025-7431: php security update (MODERATE) | 28 дней назад | ||
 | SUSE-SU-2025:1026-1 Security update for php7 | 3 месяца назад | ||
| SUSE-SU-2025:1025-1 Security update for php7 | 3 месяца назад | ||
| SUSE-SU-2025:1012-1 Security update for php8 | 3 месяца назад | ||
| SUSE-SU-2025:0994-1 Security update for php8 | 3 месяца назад | ||
| ELSA-2025-7418 ELSA-2025-7418: php:8.3 security update (IMPORTANT) | 28 дней назад | ||
| ELSA-2025-7432 ELSA-2025-7432: php:8.2 security update (MODERATE) | 28 дней назад | ||
| ELSA-2025-4263 ELSA-2025-4263: php:8.1 security update (MODERATE) | около 2 месяцев назад | ||
 | ROS-20250430-12 Множественные уязвимости php 8.3 | CVSS3: 6.5 | около 2 месяцев назад | |
| ROS-20250430-11 Множественные уязвимости php 8.2 | CVSS3: 6.5 | около 2 месяцев назад | |
| ROS-20250430-10 Множественные уязвимости php 8.1 | CVSS3: 6.5 | около 2 месяцев назад |
Уязвимостей на страницу