
10 matches found

OSV
added 2025/03/30 6:15 a.m., 2 views

AZL-59334 CVE-2025-1734 affecting package php for versions less than 8.3.19-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

CVSS 6.3, AI score 6.7, EPSS 0.00436
Exploits: 0, References: 1

OSV
added 2025/03/30 6:15 a.m., 3 views

DEBIAN-CVE-2025-1736

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

CVSS 7.3, AI score 6.2, EPSS 0.00481
Exploits: 0, References: 1

CNNVD
added 2025/03/30 12:0 a.m., 1 views

PHP security vulnerability

PHP is a scripting language for PHP that executes on the server side. A security vulnerability exists in PHP that stems from parsing a redirect in an HTTP request response with a location value size limit of 1024, which could result in a URL truncation error and redirection to the wrong location...

CVSS 9.8, AI score 6.6, EPSS 0.00744
Exploits: 0, References: 1

CNNVD
added 2025/03/30 12:0 a.m., 1 views

PHP security vulnerability

PHP is a scripting language in which PHP is executed server-side. A security vulnerability exists in PHP versions prior to 8.1.32, 8.2.28, 8.3.19, and 8.4.5, which stems from an insufficient validation of end-of-line characters when sending user-supplied headers may result in certain headers not...

CVSS 7.3, AI score 6.1, EPSS 0.00481
Exploits: 0, References: 1

OSV
added 2025/03/29 6:15 a.m., 3 views

AZL-59294 CVE-2025-1217 affecting package php for versions less than 8.3.19-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME...

CVSS 3.1, AI score 6.7, EPSS 0.00496
Exploits: 1, References: 1

Tenable Nessus
added 2025/03/21 12:0 a.m., 26 views

Fedora 40 : php (2025-4e7e2c40e0)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4e7e2c40e0 advisory. PHP version 8.3.19 13 Mar 2025 BCMath: Fixed bug GH-17398 bcmul memory leak. SakiTakamachi Core: Fixed bug GH-17623 Broken stack overflow detection...

CVSS 9.8, AI score 6.4, EPSS 0.01138
Exploits: 3, References: 7

Tenable Nessus
added 2025/03/21 12:0 a.m., 15 views

Fedora 41 : php (2025-8d0acf5a57)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-8d0acf5a57 advisory. PHP version 8.3.19 13 Mar 2025 BCMath: Fixed bug GH-17398 bcmul memory leak. SakiTakamachi Core: Fixed bug GH-17623 Broken stack overflow detection...

CVSS 9.8, AI score 6.4, EPSS 0.01138
Exploits: 3, References: 7

Tenable Nessus
added 2025/03/13 12:0 a.m., 90 views

PHP 8.3.x < 8.3.19 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.3.19. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.19 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...

CVSS 9.8, AI score 6.2, EPSS 0.01138
Exploits: 3, References: 13

Cvelist
added 2024/08/15 12:0 a.m., 14 views

CVE-2024-22217

A Server-Side Request Forgery SSRF vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on...

EPSS 0.0034
Exploits: 0, References: 2

CNNVD
added 2024/08/15 12:0 a.m., 2 views

Terminalfour security vulnerability

Terminalfour is a digital marketing and web content management platform for higher education from US-based Terminalfour, Inc. A security vulnerability exists in versions of Terminalfour prior to 8.3.19 that stems from the presence of a server-side request forgery vulnerability that allows...

CVSS 6.5, AI score 6.3, EPSS 0.0034
Exploits: 0, References: 3