AZL-59306 CVE-2025-1861 affecting package php for versions less than 8.1.32-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

PT-2020-6128 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB version 9.0 Enterprise Edition Description: The issue is related to insufficient input validation in the Chadha PHPKB software. This allows a remote unauthenticated attacker to disclose local files on hosts running PHP versions...