22 matches found
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017791)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017791 advisory. HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or...
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...
php: Fix of 3 CVEs
CVE-2025-1217: http stream wrapper: fix handling folded headers - CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon - CVE-2025-1861: fix http redirect location truncation...
Linux Distros Unpatched Vulnerability : CVE-2019-20444
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax...
Linux Distros Unpatched Vulnerability : CVE-2025-1734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers...
CLSA-2025-1748639500 php: Fix of 3 CVEs
CVE-2025-1217: fix handling of folded headers by the http stream parser - CVE-2025-1734: fix validation of http headers with missing colon - CVE-2025-1861: fix incorrect http redirect location truncation...
CLSA-2025-1747740986 php: Fix of 3 CVEs
CVE-2025-1217: fix handling of folded headers by the http stream parser - CVE-2025-1734: fix validation of http headers with missing colon - CVE-2025-1861: fix incorrect http redirect location truncation...
CLSA-2025-1747690840 php: Fix of 3 CVEs
CVE-2025-1217: fix handling of folded headers by the http stream parser - CVE-2025-1734: fix validation of http headers with missing colon - CVE-2025-1861: fix incorrect http redirect location truncation...
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...
DEBIAN-CVE-2025-1734
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...
AZL-59315 CVE-2025-1734 affecting package php for versions less than 8.1.32-1
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...
AZL-59334 CVE-2025-1734 affecting package php for versions less than 8.3.19-1
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...
PHP 安全漏洞
PHP is a scripting language for PHP that is executed server-side. A security vulnerability exists in PHP versions prior to 8.1.32, 8.2.28, 8.3.19, and 8.4.5, which stems from the fact that when receiving a header from an HTTP server, a header with a missing colon is incorrectly treated as a valid...
UBUNTU-CVE-2025-1734
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...
OESA-2024-2103 netty3 security update
Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. Security Fixes: Netty before 4.1.42.Final mishandles whitespac...
OESA-2024-2067 netty3 security update
Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. Security Fixes: Netty before 4.1.42.Final mishandles whitespac...