Lucene search
+L

11 matches found

redhat
redhat
added 2026/02/10 8:28 p.m.5 views

php: Stream HTTP wrapper truncates redirect location to 1024 bytes

A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size...

9.8CVSS5.9AI score0.00821EPSS
Exploits0References5
osv
osv
added 2026/02/10 12:0 a.m.8 views

ALSA-2026:2470 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

9.8CVSS6AI score0.02286EPSS
Exploits10References28
nessus
nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 9 : php:8.2 (AXSA:2025-10480:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10480:01 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with...

9.8CVSS7.6AI score0.02286EPSS
Exploits5References9
nessus
nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 9 : php-8.0.30-3.el9_6 (AXSA:2025-10450:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10450:05 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth...

9.8CVSS6.3AI score0.00821EPSS
Exploits2References6
rocky
rocky
added 2025/10/04 12:11 a.m.8 views

php security update

An update is available for php. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...

9.8CVSS5.7AI score0.00821EPSS
Exploits2
redhat
redhat
added 2025/09/11 12:0 p.m.14 views

Moderate: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.02286EPSS
Exploits5References9
osv
osv
added 2025/09/11 12:0 a.m.8 views

ALSA-2025:15687 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

9.8CVSS7.1AI score0.02286EPSS
Exploits5References18
cloudlinux
cloudlinux
added 2025/08/29 4:13 p.m.10 views

php: Fix of 3 CVEs

CVE-2025-1217: http stream wrapper: fix handling folded headers - CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon - CVE-2025-1861: fix http redirect location truncation...

9.8CVSS7AI score0.00821EPSS
Exploits1
redhat
redhat
added 2025/05/13 5:18 p.m.4 views

php: Stream HTTP wrapper truncates redirect location to 1024 bytes

A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size...

9.8CVSS5.9AI score0.00821EPSS
Exploits0References5
amazon
amazon
added 2025/04/01 12:0 a.m.3 views

Medium: php

Issue Overview: Header parser of http stream wrapper does not handle folded headers. CVE-2025-1217 When requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. CVE-2025-1219...

9.8CVSS7AI score0.00821EPSS
Exploits2
suse
suse
added 2025/03/26 11:30 a.m.3 views

Security update for php7

This update for php7 fixes the following issues: CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 CVE-2025-1219: Fixed libxml streams using wrong...

7.3CVSS7.3AI score0.01407EPSS
Exploits3References24
Rows per page
Query Builder