42 matches found
TencentOS Server 3: php:7.4 (TSSA-2026:0172)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0172 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
RockyLinux 9 : php:8.3 (RLSA-2025:7418)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7418 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header...
Ubuntu: Security Advisory (USN-7645-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 9 : php:8.3 (ALSA-2025:7418)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7418 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header...
RHEL 10 : php (RHSA-2025:7489)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7489 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream...
RHEL 9 : php (RHSA-2025:7431)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7431 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream...
Fedora: Security Advisory (FEDORA-2025-67a302413e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
php security update
8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...
AlmaLinux 9 : php (ALSA-2025:7431)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7431 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header...
RHEL 9 : php:8.3 (RHSA-2025:7418)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7418 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream...
Moderate: Red Hat Security Advisory: php security update
An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
ALSA-2025:7431 Moderate: php security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 php: Streams HTTP wrapper...
Moderate: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...
RHEL 9 : php:8.1 (RHSA-2025:4263)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4263 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap...
Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2025-936)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-936 advisory. Header parser of http stream wrapper does not handle folded headers. CVE-2025-1217 When requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used t...
K000150719: Multiple PHP vulnerabilities
Security Advisory Description CVE-2024-11235 In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by...
CVE-2025-1217 affecting package php for versions less than 8.1.32-1
CVE-2025-1217 affecting package php for versions less than 8.1.32-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-1217 affecting package php for versions less than 8.3.19-1
CVE-2025-1217 affecting package php for versions less than 8.3.19-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: php (CVE-2025-1217)
The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1217 advisory. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when...
Medium: php8.1
Issue Overview: Header parser of http stream wrapper does not handle folded headers. CVE-2025-1217 When requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. CVE-2025-1219...