Количество 21
Количество 21
GHSA-p3x9-6h7p-cgfc
libxml streams use wrong `content-type` header when requesting a redirected resource
CVE-2025-1219
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.
CVE-2025-1219
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.
CVE-2025-1219
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.
CVE-2025-1219
libxml streams use wrong content-type header when requesting a redirected resource
CVE-2025-1219
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* ...
BDU:2025-02829
Уязвимость функций php_libxml_input_buffer_create_filename() и php_libxml_sniff_charset_from_stream() интерпретатора языка программирования PHP, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
ELSA-2025-7431
ELSA-2025-7431: php security update (MODERATE)
SUSE-SU-2025:1026-1
Security update for php7
SUSE-SU-2025:1025-1
Security update for php7
SUSE-SU-2025:1012-1
Security update for php8
SUSE-SU-2025:0994-1
Security update for php8
RLSA-2025:7489
Important: php security update
ELSA-2025-7489
ELSA-2025-7489: php security update (IMPORTANT)
ELSA-2025-7418
ELSA-2025-7418: php:8.3 security update (IMPORTANT)
ELSA-2025-7432
ELSA-2025-7432: php:8.2 security update (MODERATE)
ELSA-2025-4263
ELSA-2025-4263: php:8.1 security update (MODERATE)
ELSA-2025-15687
ELSA-2025-15687: php:8.2 security update (MODERATE)
ROS-20250430-12
Множественные уязвимости php 8.3
ROS-20250430-11
Множественные уязвимости php 8.2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-p3x9-6h7p-cgfc libxml streams use wrong `content-type` header when requesting a redirected resource | 0% Низкий | 8 месяцев назад | |
 | CVE-2025-1219 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations. | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-1219 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations. | CVSS3: 3.7 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-1219 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations. | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-1219 libxml streams use wrong content-type header when requesting a redirected resource | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
| CVE-2025-1219 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* ... | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | BDU:2025-02829 Уязвимость функций php_libxml_input_buffer_create_filename() и php_libxml_sniff_charset_from_stream() интерпретатора языка программирования PHP, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес | CVSS3: 3.5 | 0% Низкий | 8 месяцев назад |
| ELSA-2025-7431 ELSA-2025-7431: php security update (MODERATE) | 6 месяцев назад | ||
 | SUSE-SU-2025:1026-1 Security update for php7 | 7 месяцев назад | ||
| SUSE-SU-2025:1025-1 Security update for php7 | 7 месяцев назад | ||
| SUSE-SU-2025:1012-1 Security update for php8 | 7 месяцев назад | ||
| SUSE-SU-2025:0994-1 Security update for php8 | 7 месяцев назад | ||
 | RLSA-2025:7489 Important: php security update | около 1 месяца назад | ||
| ELSA-2025-7489 ELSA-2025-7489: php security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-7418 ELSA-2025-7418: php:8.3 security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2025-7432 ELSA-2025-7432: php:8.2 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2025-4263 ELSA-2025-4263: php:8.1 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2025-15687 ELSA-2025-15687: php:8.2 security update (MODERATE) | около 2 месяцев назад | ||
 | ROS-20250430-12 Множественные уязвимости php 8.3 | CVSS3: 6.5 | 6 месяцев назад | |
| ROS-20250430-11 Множественные уязвимости php 8.2 | CVSS3: 6.5 | 6 месяцев назад |
Уязвимостей на страницу