Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:
- In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before
8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the
location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the
limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong
location. (CVE-2025-1861)
- In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=
operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the
memory layout leading to this, for example by supplying specially crafted inputs to the script, it could
lead to remote code execution. (CVE-2024-11235)
- In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before
8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed
incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.
(CVE-2025-1217)
- In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before
8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type
header is used to determine the charset when the requested resource performs a redirect. This may cause
the resulting document to be parsed incorrectly or bypass validations. (CVE-2025-1219)
- In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before
8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid
headers even though they are not. This may confuse applications into accepting invalid headers.
(CVE-2025-1734)
Plugin Details
Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Threat Vector: CVSS:4.0/E:P
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Vulnerability Information
Exploit Ease: Exploits are available
Vulnerability Publication Date: 3/12/2025