Количество 21
Количество 21
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1861
Stream HTTP wrapper truncates redirect location to 1024 bytes
CVE-2025-1861
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* ...
GHSA-52jp-hrpf-2jff
Stream HTTP wrapper truncate redirect location to 1024 bytes
BDU:2025-02835
Уязвимость интерпретатора языка программирования PHP, связанная с ошибкой числового усечения, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес или вызвать отказ в обслуживании
ELSA-2025-7431
ELSA-2025-7431: php security update (MODERATE)
SUSE-SU-2025:1026-1
Security update for php7
SUSE-SU-2025:1025-1
Security update for php7
SUSE-SU-2025:1012-1
Security update for php8
SUSE-SU-2025:0994-1
Security update for php8
RLSA-2025:7489
Important: php security update
ELSA-2025-7489
ELSA-2025-7489: php security update (IMPORTANT)
ELSA-2025-7418
ELSA-2025-7418: php:8.3 security update (IMPORTANT)
ELSA-2025-7432
ELSA-2025-7432: php:8.2 security update (MODERATE)
ELSA-2025-4263
ELSA-2025-4263: php:8.1 security update (MODERATE)
ELSA-2025-15687
ELSA-2025-15687: php:8.2 security update (MODERATE)
ROS-20250430-12
Множественные уязвимости php 8.3
ROS-20250430-11
Множественные уязвимости php 8.2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-1861 Stream HTTP wrapper truncates redirect location to 1024 bytes | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
| CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* ... | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
| GHSA-52jp-hrpf-2jff Stream HTTP wrapper truncate redirect location to 1024 bytes | 0% Низкий | 8 месяцев назад | |
 | BDU:2025-02835 Уязвимость интерпретатора языка программирования PHP, связанная с ошибкой числового усечения, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес или вызвать отказ в обслуживании | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| ELSA-2025-7431 ELSA-2025-7431: php security update (MODERATE) | 6 месяцев назад | ||
 | SUSE-SU-2025:1026-1 Security update for php7 | 7 месяцев назад | ||
| SUSE-SU-2025:1025-1 Security update for php7 | 7 месяцев назад | ||
| SUSE-SU-2025:1012-1 Security update for php8 | 7 месяцев назад | ||
| SUSE-SU-2025:0994-1 Security update for php8 | 7 месяцев назад | ||
 | RLSA-2025:7489 Important: php security update | около 1 месяца назад | ||
| ELSA-2025-7489 ELSA-2025-7489: php security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-7418 ELSA-2025-7418: php:8.3 security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2025-7432 ELSA-2025-7432: php:8.2 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2025-4263 ELSA-2025-4263: php:8.1 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2025-15687 ELSA-2025-15687: php:8.2 security update (MODERATE) | около 2 месяцев назад | ||
 | ROS-20250430-12 Множественные уязвимости php 8.3 | CVSS3: 6.5 | 6 месяцев назад | |
| ROS-20250430-11 Множественные уязвимости php 8.2 | CVSS3: 6.5 | 6 месяцев назад |
Уязвимостей на страницу