2 matches found
MiracleLinux 7 : php-5.4.16-48.0.9.el7.AXS7 (AXSA:2025-10766:08)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10766:08 advisory. CVE-2025-6491: fix buffer overflow vulnerability CVEs: CVE-2025-6491 In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. before...
BIT-LIBPHP-2025-6491 NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. before 8.4.10 when parsing XML data in SOAP extensions, overly large 2Gb XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server...