Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-1736 (GCVE-0-2025-1736)
Vulnerability from cvelistv5 – Published: 2025-03-30 05:49 – Updated: 2025-11-03 20:57
VLAI
EPSS
VEX
Title
Stream HTTP wrapper header check might omit basic auth header
Summary
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Date Public
2025-03-23 17:43
Credits
Jakub Zelenka
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T12:57:12.660404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T12:57:22.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:57:10.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250523-0006/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "PHP",
"vendor": "PHP Group",
"versions": [
{
"lessThan": "8.1.32",
"status": "affected",
"version": "8.1.*",
"versionType": "semver"
},
{
"lessThan": "8.2.28",
"status": "affected",
"version": "8.2.*",
"versionType": "semver"
},
{
"lessThan": "8.3.19",
"status": "affected",
"version": "8.3.*",
"versionType": "semver"
},
{
"lessThan": "8.4.5",
"status": "affected",
"version": "8.4.*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Jakub Zelenka"
}
],
"datePublic": "2025-03-23T17:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.\u0026nbsp;"
}
],
"value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted."
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-30T05:49:14.551Z",
"orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
"shortName": "php"
},
"references": [
{
"url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"
}
],
"source": {
"advisory": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96f",
"discovery": "INTERNAL"
},
"title": "Stream HTTP wrapper header check might omit basic auth header",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
"assignerShortName": "php",
"cveId": "CVE-2025-1736",
"datePublished": "2025-03-30T05:49:14.551Z",
"dateReserved": "2025-02-27T04:07:07.942Z",
"dateUpdated": "2025-11-03T20:57:10.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-1736",
"date": "2026-07-13",
"epss": "0.00531",
"percentile": "0.41145"
},
"microsoft_vex": {
"current_release_date": "2026-02-18T01:41:05.000Z",
"cve": "CVE-2025-1736",
"id": "msrc_CVE-2025-1736",
"initial_release_date": "2025-03-02T00:00:00.000Z",
"product_status:fixed": "5",
"product_status:known_affected": "5",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "Stream HTTP wrapper header check might omit basic auth header",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-1736.json",
"version": "3"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-1736\",\"sourceIdentifier\":\"security@php.net\",\"published\":\"2025-03-30T06:15:14.803\",\"lastModified\":\"2026-06-17T08:39:41.260\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.\"},{\"lang\":\"es\",\"value\":\"En PHP desde 8.1.* antes de 8.1.32, desde 8.2.* antes de 8.2.28, desde 8.3.* antes de 8.3.19, desde 8.4.* antes de 8.4.5, cuando se env\u00edan encabezados proporcionados por el usuario, la validaci\u00f3n insuficiente de los caracteres de final de l\u00ednea puede impedir que se env\u00eden ciertos encabezados o provocar que ciertos encabezados se malinterpreten.\"}],\"affected\":[{\"source\":\"security@php.net\",\"affectedData\":[{\"vendor\":\"PHP Group\",\"product\":\"PHP\",\"defaultStatus\":\"affected\",\"versions\":[{\"version\":\"8.1.*\",\"lessThan\":\"8.1.32\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.2.*\",\"lessThan\":\"8.2.28\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.3.*\",\"lessThan\":\"8.3.19\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.4.*\",\"lessThan\":\"8.4.5\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@php.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-03-31T12:57:12.660404Z\",\"id\":\"CVE-2025-1736\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security@php.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.1.0\",\"versionEndExcluding\":\"8.1.32\",\"matchCriteriaId\":\"240B9DA6-4FE3-42D1-931A-9F4C62EC0ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndExcluding\":\"8.2.28\",\"matchCriteriaId\":\"3C01313A-447A-4190-B275-3A6394EEFD96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.3.0\",\"versionEndExcluding\":\"8.3.19\",\"matchCriteriaId\":\"A525415D-4C9F-4884-9F85-94989608D805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.4.0\",\"versionEndExcluding\":\"8.4.5\",\"matchCriteriaId\":\"AC94B1EC-530A-4A25-9BCD-DAC5F52F6813\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A20333EE-4C13-426E-8B54-D78679D5DDB8\"}]}]}],\"references\":[{\"url\":\"https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528\",\"source\":\"security@php.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20250523-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2026-06-29T23:27:58+00:00",
"cve": "CVE-2025-1736",
"id": "CVE-2025-1736",
"initial_release_date": "2025-03-30T05:49:14.551000+00:00",
"product_status:fixed": "1775",
"product_status:known_affected": "54",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "php: Stream HTTP wrapper header check might omit basic auth header",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1736.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250523-0006/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/03/msg00014.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T20:57:10.963Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-1736\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-31T12:57:12.660404Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-31T12:57:18.628Z\"}}], \"cna\": {\"title\": \"Stream HTTP wrapper header check might omit basic auth header\", \"source\": {\"advisory\": \"https://github.com/php/php-src/security/advisories/GHSA-hgf5-96f\", \"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Jakub Zelenka\"}], \"impacts\": [{\"capecId\": \"CAPEC-33\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-33 HTTP Request Smuggling\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"PHP Group\", \"product\": \"PHP\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.1.*\", \"lessThan\": \"8.1.32\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.2.*\", \"lessThan\": \"8.2.28\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.3.*\", \"lessThan\": \"8.3.19\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"8.4.*\", \"lessThan\": \"8.4.5\", \"versionType\": \"semver\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2025-03-23T17:43:00.000Z\", \"references\": [{\"url\": \"https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.\u0026nbsp;\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"dd77f84a-d19a-4638-8c3d-a322d820ed2b\", \"shortName\": \"php\", \"dateUpdated\": \"2025-03-30T05:49:14.551Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-1736\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T20:57:10.963Z\", \"dateReserved\": \"2025-02-27T04:07:07.942Z\", \"assignerOrgId\": \"dd77f84a-d19a-4638-8c3d-a322d820ed2b\", \"datePublished\": \"2025-03-30T05:49:14.551Z\", \"assignerShortName\": \"php\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
ubuntu-cve-2025-1736
Vulnerability from osv_ubuntu
Published
2025-03-14 00:00
Modified
2026-04-22 07:53
Summary
Details
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.
Severity
7.3 (High)
N/A (UNKNOWN)
References
{
"affected": [
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libapache2-mod-php5",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "libapache2-mod-php5filter",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "libphp5-embed",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php-pear",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-cgi",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-cli",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-common",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-curl",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-enchant",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-fpm",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-gd",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-gmp",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-intl",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-ldap",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-mysql",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-mysqlnd",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-odbc",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-pgsql",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-pspell",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-readline",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-recode",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-snmp",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-sqlite",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-sybase",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-tidy",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-xmlrpc",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
},
{
"binary_name": "php5-xsl",
"binary_version": "5.5.9+dfsg-1ubuntu4.29+esm16"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "php5",
"purl": "pkg:deb/ubuntu/php5@5.5.9+dfsg-1ubuntu4.29+esm16?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.5.3+dfsg-1ubuntu2",
"5.5.3+dfsg-1ubuntu3",
"5.5.6+dfsg-1ubuntu1",
"5.5.6+dfsg-1ubuntu2",
"5.5.8+dfsg-2ubuntu1",
"5.5.9+dfsg-1ubuntu1",
"5.5.9+dfsg-1ubuntu2",
"5.5.9+dfsg-1ubuntu3",
"5.5.9+dfsg-1ubuntu4",
"5.5.9+dfsg-1ubuntu4.1",
"5.5.9+dfsg-1ubuntu4.2",
"5.5.9+dfsg-1ubuntu4.3",
"5.5.9+dfsg-1ubuntu4.4",
"5.5.9+dfsg-1ubuntu4.5",
"5.5.9+dfsg-1ubuntu4.6",
"5.5.9+dfsg-1ubuntu4.7",
"5.5.9+dfsg-1ubuntu4.9",
"5.5.9+dfsg-1ubuntu4.11",
"5.5.9+dfsg-1ubuntu4.12",
"5.5.9+dfsg-1ubuntu4.13",
"5.5.9+dfsg-1ubuntu4.14",
"5.5.9+dfsg-1ubuntu4.16",
"5.5.9+dfsg-1ubuntu4.17",
"5.5.9+dfsg-1ubuntu4.19",
"5.5.9+dfsg-1ubuntu4.20",
"5.5.9+dfsg-1ubuntu4.21",
"5.5.9+dfsg-1ubuntu4.22",
"5.5.9+dfsg-1ubuntu4.23",
"5.5.9+dfsg-1ubuntu4.24",
"5.5.9+dfsg-1ubuntu4.25",
"5.5.9+dfsg-1ubuntu4.26",
"5.5.9+dfsg-1ubuntu4.27",
"5.5.9+dfsg-1ubuntu4.29",
"5.5.9+dfsg-1ubuntu4.29+esm1",
"5.5.9+dfsg-1ubuntu4.29+esm2",
"5.5.9+dfsg-1ubuntu4.29+esm3",
"5.5.9+dfsg-1ubuntu4.29+esm4",
"5.5.9+dfsg-1ubuntu4.29+esm5",
"5.5.9+dfsg-1ubuntu4.29+esm6",
"5.5.9+dfsg-1ubuntu4.29+esm8",
"5.5.9+dfsg-1ubuntu4.29+esm10",
"5.5.9+dfsg-1ubuntu4.29+esm11",
"5.5.9+dfsg-1ubuntu4.29+esm12",
"5.5.9+dfsg-1ubuntu4.29+esm13",
"5.5.9+dfsg-1ubuntu4.29+esm14",
"5.5.9+dfsg-1ubuntu4.29+esm15",
"5.5.9+dfsg-1ubuntu4.29+esm16"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libapache2-mod-php7.0",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "libphp7.0-embed",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-bcmath",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-bz2",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-cgi",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-cli",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-common",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-curl",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-dba",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-enchant",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-fpm",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-gd",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-gmp",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-imap",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-interbase",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-intl",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-json",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-ldap",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-mbstring",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-mcrypt",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-mysql",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-odbc",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-opcache",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-pgsql",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-phpdbg",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-pspell",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-readline",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-recode",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-snmp",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-soap",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-sqlite3",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-sybase",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-tidy",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-xml",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-xmlrpc",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-xsl",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
},
{
"binary_name": "php7.0-zip",
"binary_version": "7.0.33-0ubuntu0.16.04.16+esm15"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "php7.0",
"purl": "pkg:deb/ubuntu/php7.0@7.0.33-0ubuntu0.16.04.16+esm15?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.33-0ubuntu0.16.04.16+esm15"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.0.1-5",
"7.0.1-6",
"7.0.2-1",
"7.0.2-3",
"7.0.2-4",
"7.0.2-5",
"7.0.3-2",
"7.0.3-3",
"7.0.3-9ubuntu1",
"7.0.4-5ubuntu1",
"7.0.4-5ubuntu2",
"7.0.4-7ubuntu1",
"7.0.4-7ubuntu2",
"7.0.4-7ubuntu2.1",
"7.0.8-0ubuntu0.16.04.1",
"7.0.8-0ubuntu0.16.04.2",
"7.0.8-0ubuntu0.16.04.3",
"7.0.13-0ubuntu0.16.04.1",
"7.0.15-0ubuntu0.16.04.1",
"7.0.15-0ubuntu0.16.04.2",
"7.0.15-0ubuntu0.16.04.4",
"7.0.18-0ubuntu0.16.04.1",
"7.0.22-0ubuntu0.16.04.1",
"7.0.25-0ubuntu0.16.04.1",
"7.0.28-0ubuntu0.16.04.1",
"7.0.30-0ubuntu0.16.04.1",
"7.0.32-0ubuntu0.16.04.1",
"7.0.33-0ubuntu0.16.04.1",
"7.0.33-0ubuntu0.16.04.2",
"7.0.33-0ubuntu0.16.04.3",
"7.0.33-0ubuntu0.16.04.4",
"7.0.33-0ubuntu0.16.04.5",
"7.0.33-0ubuntu0.16.04.6",
"7.0.33-0ubuntu0.16.04.7",
"7.0.33-0ubuntu0.16.04.9",
"7.0.33-0ubuntu0.16.04.11",
"7.0.33-0ubuntu0.16.04.12",
"7.0.33-0ubuntu0.16.04.14",
"7.0.33-0ubuntu0.16.04.15",
"7.0.33-0ubuntu0.16.04.16",
"7.0.33-0ubuntu0.16.04.16+esm1",
"7.0.33-0ubuntu0.16.04.16+esm2",
"7.0.33-0ubuntu0.16.04.16+esm3",
"7.0.33-0ubuntu0.16.04.16+esm4",
"7.0.33-0ubuntu0.16.04.16+esm5",
"7.0.33-0ubuntu0.16.04.16+esm6",
"7.0.33-0ubuntu0.16.04.16+esm7",
"7.0.33-0ubuntu0.16.04.16+esm8",
"7.0.33-0ubuntu0.16.04.16+esm9",
"7.0.33-0ubuntu0.16.04.16+esm10",
"7.0.33-0ubuntu0.16.04.16+esm11",
"7.0.33-0ubuntu0.16.04.16+esm12",
"7.0.33-0ubuntu0.16.04.16+esm13",
"7.0.33-0ubuntu0.16.04.16+esm14"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libapache2-mod-php7.2",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "libphp7.2-embed",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-bcmath",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-bz2",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-cgi",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-cli",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-common",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-curl",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-dba",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-enchant",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-fpm",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-gd",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-gmp",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-imap",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-interbase",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-intl",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-json",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-ldap",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-mbstring",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-mysql",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-odbc",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-opcache",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-pgsql",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-phpdbg",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-pspell",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-readline",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-recode",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-snmp",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-soap",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-sqlite3",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-sybase",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-tidy",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-xml",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-xmlrpc",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-xsl",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
},
{
"binary_name": "php7.2-zip",
"binary_version": "7.2.24-0ubuntu0.18.04.17+esm8"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "php7.2",
"purl": "pkg:deb/ubuntu/php7.2@7.2.24-0ubuntu0.18.04.17+esm8?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.2.24-0ubuntu0.18.04.17+esm8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.2.1-1ubuntu2",
"7.2.2-1ubuntu1",
"7.2.2-1ubuntu2",
"7.2.3-1ubuntu1",
"7.2.5-0ubuntu0.18.04.1",
"7.2.7-0ubuntu0.18.04.1",
"7.2.7-0ubuntu0.18.04.2",
"7.2.10-0ubuntu0.18.04.1",
"7.2.15-0ubuntu0.18.04.1",
"7.2.15-0ubuntu0.18.04.2",
"7.2.17-0ubuntu0.18.04.1",
"7.2.19-0ubuntu0.18.04.1",
"7.2.19-0ubuntu0.18.04.2",
"7.2.24-0ubuntu0.18.04.1",
"7.2.24-0ubuntu0.18.04.2",
"7.2.24-0ubuntu0.18.04.3",
"7.2.24-0ubuntu0.18.04.4",
"7.2.24-0ubuntu0.18.04.6",
"7.2.24-0ubuntu0.18.04.7",
"7.2.24-0ubuntu0.18.04.8",
"7.2.24-0ubuntu0.18.04.9",
"7.2.24-0ubuntu0.18.04.10",
"7.2.24-0ubuntu0.18.04.11",
"7.2.24-0ubuntu0.18.04.12",
"7.2.24-0ubuntu0.18.04.13",
"7.2.24-0ubuntu0.18.04.15",
"7.2.24-0ubuntu0.18.04.16",
"7.2.24-0ubuntu0.18.04.17",
"7.2.24-0ubuntu0.18.04.17+esm1",
"7.2.24-0ubuntu0.18.04.17+esm2",
"7.2.24-0ubuntu0.18.04.17+esm3",
"7.2.24-0ubuntu0.18.04.17+esm4",
"7.2.24-0ubuntu0.18.04.17+esm5",
"7.2.24-0ubuntu0.18.04.17+esm6",
"7.2.24-0ubuntu0.18.04.17+esm7"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libapache2-mod-php7.4",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "libphp7.4-embed",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-bcmath",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-bz2",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-cgi",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-cli",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-common",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-curl",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-dba",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-enchant",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-fpm",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-gd",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-gmp",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-imap",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-interbase",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-intl",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-json",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-ldap",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-mbstring",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-mysql",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-odbc",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-opcache",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-pgsql",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-phpdbg",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-pspell",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-readline",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-snmp",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-soap",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-sqlite3",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-sybase",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-tidy",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-xml",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-xmlrpc",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-xsl",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
},
{
"binary_name": "php7.4-zip",
"binary_version": "7.4.3-4ubuntu2.29+esm3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "php7.4",
"purl": "pkg:deb/ubuntu/php7.4@7.4.3-4ubuntu2.29+esm3?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.4.3-4build1",
"7.4.3-4build2",
"7.4.3-4ubuntu1",
"7.4.3-4ubuntu1.1",
"7.4.3-4ubuntu2.2",
"7.4.3-4ubuntu2.4",
"7.4.3-4ubuntu2.5",
"7.4.3-4ubuntu2.6",
"7.4.3-4ubuntu2.7",
"7.4.3-4ubuntu2.8",
"7.4.3-4ubuntu2.9",
"7.4.3-4ubuntu2.10",
"7.4.3-4ubuntu2.11",
"7.4.3-4ubuntu2.12",
"7.4.3-4ubuntu2.13",
"7.4.3-4ubuntu2.15",
"7.4.3-4ubuntu2.16",
"7.4.3-4ubuntu2.17",
"7.4.3-4ubuntu2.18",
"7.4.3-4ubuntu2.19",
"7.4.3-4ubuntu2.20",
"7.4.3-4ubuntu2.22",
"7.4.3-4ubuntu2.23",
"7.4.3-4ubuntu2.24",
"7.4.3-4ubuntu2.26",
"7.4.3-4ubuntu2.28",
"7.4.3-4ubuntu2.29",
"7.4.3-4ubuntu2.29+esm1",
"7.4.3-4ubuntu2.29+esm2",
"7.4.3-4ubuntu2.29+esm3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libapache2-mod-php7.4",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "libapache2-mod-php8.0",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "libapache2-mod-php8.1",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "libphp8.1-embed",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-bcmath",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-bz2",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-cgi",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-cli",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-common",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-curl",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-dba",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-enchant",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-fpm",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-gd",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-gmp",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-imap",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-interbase",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-intl",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-ldap",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-mbstring",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-mysql",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-odbc",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-opcache",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-pgsql",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-phpdbg",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-pspell",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-readline",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-snmp",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-soap",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-sqlite3",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-sybase",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-tidy",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-xml",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-xsl",
"binary_version": "8.1.2-1ubuntu2.21"
},
{
"binary_name": "php8.1-zip",
"binary_version": "8.1.2-1ubuntu2.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "php8.1",
"purl": "pkg:deb/ubuntu/php8.1@8.1.2-1ubuntu2.21?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.1.2-1ubuntu2.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8.1.0~rc4-1ubuntu2",
"8.1.0-1",
"8.1.2-1ubuntu1",
"8.1.2-1ubuntu2",
"8.1.2-1ubuntu2.1",
"8.1.2-1ubuntu2.2",
"8.1.2-1ubuntu2.3",
"8.1.2-1ubuntu2.4",
"8.1.2-1ubuntu2.5",
"8.1.2-1ubuntu2.6",
"8.1.2-1ubuntu2.8",
"8.1.2-1ubuntu2.9",
"8.1.2-1ubuntu2.10",
"8.1.2-1ubuntu2.11",
"8.1.2-1ubuntu2.13",
"8.1.2-1ubuntu2.14",
"8.1.2-1ubuntu2.15",
"8.1.2-1ubuntu2.17",
"8.1.2-1ubuntu2.18",
"8.1.2-1ubuntu2.19",
"8.1.2-1ubuntu2.20"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libapache2-mod-php8.3",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "libphp8.3-embed",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-bcmath",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-bz2",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-cgi",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-cli",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-common",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-curl",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-dba",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-enchant",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-fpm",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-gd",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-gmp",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-imap",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-interbase",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-intl",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-ldap",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-mbstring",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-mysql",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-odbc",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-opcache",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-pgsql",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-phpdbg",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-pspell",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-readline",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-snmp",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-soap",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-sqlite3",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-sybase",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-tidy",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-xml",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-xsl",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
},
{
"binary_name": "php8.3-zip",
"binary_version": "8.3.6-0ubuntu0.24.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "php8.3",
"purl": "pkg:deb/ubuntu/php8.3@8.3.6-0ubuntu0.24.04.4?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.3.6-0ubuntu0.24.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8.3.0-1",
"8.3.0-1ubuntu1",
"8.3.4-1",
"8.3.4-1build1",
"8.3.6-0maysync1",
"8.3.6-0ubuntu0.24.04.1",
"8.3.6-0ubuntu0.24.04.2",
"8.3.6-0ubuntu0.24.04.3"
]
}
],
"aliases": [],
"details": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.",
"id": "UBUNTU-CVE-2025-1736",
"modified": "2026-04-22T07:53:17Z",
"published": "2025-03-14T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-1736"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1736"
},
{
"type": "REPORT",
"url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"
},
{
"type": "REPORT",
"url": "https://github.com/php/php-src/commit/41d49abbd99dab06cdae4834db664435f8177174"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7400-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7645-1"
}
],
"related": [
"USN-7400-1",
"USN-7645-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2025-1736"
]
}
WID-SEC-W-2025-0566
Vulnerability from csaf_certbund - Published: 2025-03-13 23:00 - Updated: 2026-05-21 22:00Summary
PHP: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: PHP ist eine Programmiersprache, die zur Implementierung von Web-Applikationen genutzt wird.
Angriff: Ein Angreifer kann mehrere Schwachstellen in PHP ausnutzen, um Daten zu manipulieren, beliebigen Code auszuführen, vertrauliche Informationen preiszugeben, einen Denial of Service Zustand herbeizuführen oder andere nicht näher spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Open Source PHP <8.1.32
Open Source / PHP
|
<8.1.32 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source PHP <8.2.28
Open Source / PHP
|
<8.2.28 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Open Source PHP <8.1.32
Open Source / PHP
|
<8.1.32 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source PHP <8.2.28
Open Source / PHP
|
<8.2.28 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Open Source PHP <8.1.32
Open Source / PHP
|
<8.1.32 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source PHP <8.2.28
Open Source / PHP
|
<8.2.28 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Open Source PHP <8.1.32
Open Source / PHP
|
<8.1.32 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source PHP <8.2.28
Open Source / PHP
|
<8.2.28 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Open Source PHP <8.1.32
Open Source / PHP
|
<8.1.32 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source PHP <8.2.28
Open Source / PHP
|
<8.2.28 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Vulnerability 7
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
cPanel cPanel/WHM 126.0.63
cPanel / cPanel/WHM
|
cpe:/a:cpanel:cpanel_whm:126.0.63
|
126.0.63 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source PHP <8.4.5
Open Source / PHP
|
<8.4.5 | ||
|
Open Source PHP <8.3.19
Open Source / PHP
|
<8.3.19 | ||
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Open Source PHP <8.1.32
Open Source / PHP
|
<8.1.32 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source PHP <8.2.28
Open Source / PHP
|
<8.2.28 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
References
49 references
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://php.net/releases/8_1_32.php | external |
| https://php.net/releases/8_2_28.php | external |
| https://php.net/releases/8_3_19.php | external |
| https://php.net/releases/8_4_5.php | external |
| https://www.php.net/ChangeLog-8.php | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://github.com/php/php-src/security/advisorie… | external |
| https://lists.debian.org/debian-security-announce… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://lists.debian.org/debian-lts-announce/2025… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://ubuntu.com/security/notices/USN-7400-1 | external |
| https://alas.aws.amazon.com/AL2/ALASPHP8.2-2025-0… | external |
| https://access.redhat.com/errata/RHSA-2025:4263 | external |
| https://linux.oracle.com/errata/ELSA-2025-4263.html | external |
| https://access.redhat.com/errata/RHSA-2025:7432 | external |
| https://access.redhat.com/errata/RHSA-2025:7418 | external |
| https://access.redhat.com/errata/RHSA-2025:7489 | external |
| https://access.redhat.com/errata/RHSA-2025:7431 | external |
| https://linux.oracle.com/errata/ELSA-2025-7431.html | external |
| https://security.netapp.com/advisory/ntap-2025052… | external |
| https://security.netapp.com/advisory/ntap-2025052… | external |
| https://linux.oracle.com/errata/ELSA-2025-7432.html | external |
| https://security.netapp.com/advisory/ntap-2025052… | external |
| https://security.netapp.com/advisory/ntap-2025052… | external |
| https://linux.oracle.com/errata/ELSA-2025-7418.html | external |
| https://security.netapp.com/advisory/ntap-2025052… | external |
| https://security.business.xerox.com/wp-content/up… | external |
| http://linux.oracle.com/errata/ELSA-2025-7489.html | external |
| https://ubuntu.com/security/notices/USN-7645-1 | external |
| https://errata.build.resf.org/RLSA-2025:7418 | external |
| https://errata.build.resf.org/RLSA-2025:4263 | external |
| https://access.redhat.com/errata/RHSA-2025:15687 | external |
| https://linux.oracle.com/errata/ELSA-2025-15687.html | external |
| https://errata.build.resf.org/RLSA-2026:2470 | external |
| https://errata.build.resf.org/RLSA-2025:15687 | external |
| https://access.redhat.com/errata/RHSA-2026:2470 | external |
| https://linux.oracle.com/errata/ELSA-2026-2470.html | external |
| https://docs.cpanel.net/changelogs/126-change-log/ | external |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "PHP ist eine Programmiersprache, die zur Implementierung von Web-Applikationen genutzt wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in PHP ausnutzen, um Daten zu manipulieren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen preiszugeben, einen Denial of Service Zustand herbeizuf\u00fchren oder andere nicht n\u00e4her spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0566 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0566.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0566 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0566"
},
{
"category": "external",
"summary": "PHP 8.1.32 Release vom 2025-03-13",
"url": "https://php.net/releases/8_1_32.php"
},
{
"category": "external",
"summary": "PHP 8.2.28 Release vom 2025-03-13",
"url": "https://php.net/releases/8_2_28.php"
},
{
"category": "external",
"summary": "PHP 8.3.19 Release vom 2025-03-13",
"url": "https://php.net/releases/8_3_19.php"
},
{
"category": "external",
"summary": "PHP 8.4.5 Released vom 2025-03-13",
"url": "https://php.net/releases/8_4_5.php"
},
{
"category": "external",
"summary": "PHP 8 Changelog vom 2025-03-13",
"url": "https://www.php.net/ChangeLog-8.php"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-wg4p-4hqh-c3g9 vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-wg4p-4hqh-c3g9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-rwp7-7vc6-8477 vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-v8xr-gpvj-cx9g vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-p3x9-6h7p-cgfc vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-pcmh-g36c-qc44 vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-hgf5-96fm-v528 vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-52jp-hrpf-2jff vom 2025-03-13",
"url": "https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5878 vom 2025-03-14",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00040.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14895-1 vom 2025-03-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/V7LU4U7HP6TCMKUSW3XOAH6TARUKTOSU/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4088 vom 2025-03-20",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00014.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0994-1 vom 2025-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020582.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1012-1 vom 2025-03-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/67QWCWHKJLOP36M4P6XEKEGCCMNLPNHZ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1025-1 vom 2025-03-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020601.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1026-1 vom 2025-03-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020600.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7400-1 vom 2025-03-31",
"url": "https://ubuntu.com/security/notices/USN-7400-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASPHP8.2-2025-007 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASPHP8.2-2025-007.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4263 vom 2025-04-28",
"url": "https://access.redhat.com/errata/RHSA-2025:4263"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-4263 vom 2025-04-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-4263.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7432 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7432"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7418 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7418"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7489 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7489"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7431 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7431"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7431 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7431.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250523-0005 vom 2025-05-23",
"url": "https://security.netapp.com/advisory/ntap-20250523-0005/"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250523-0006 vom 2025-05-23",
"url": "https://security.netapp.com/advisory/ntap-20250523-0006/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7432 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7432.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250523-0007 vom 2025-05-23",
"url": "https://security.netapp.com/advisory/ntap-20250523-0007/"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250523-0008 vom 2025-05-23",
"url": "https://security.netapp.com/advisory/ntap-20250523-0008/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7418 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7418.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250523-0009 vom 2025-05-23",
"url": "https://security.netapp.com/advisory/ntap-20250523-0009/"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7489 vom 2025-06-28",
"url": "http://linux.oracle.com/errata/ELSA-2025-7489.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7645-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7645-1"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:7418 vom 2025-07-29",
"url": "https://errata.build.resf.org/RLSA-2025:7418"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:4263 vom 2025-07-29",
"url": "https://errata.build.resf.org/RLSA-2025:4263"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15687 vom 2025-09-11",
"url": "https://access.redhat.com/errata/RHSA-2025:15687"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-15687 vom 2025-09-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-15687.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:2470 vom 2026-02-11",
"url": "https://errata.build.resf.org/RLSA-2026:2470"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:15687 vom 2026-02-11",
"url": "https://errata.build.resf.org/RLSA-2025:15687"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2470 vom 2026-02-10",
"url": "https://access.redhat.com/errata/RHSA-2026:2470"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2470 vom 2026-02-12",
"url": "https://linux.oracle.com/errata/ELSA-2026-2470.html"
},
{
"category": "external",
"summary": "cPanel \u0026 WHM Change Log vom 2026-05-21",
"url": "https://docs.cpanel.net/changelogs/126-change-log/"
}
],
"source_lang": "en-US",
"title": "PHP: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-21T22:00:00.000+00:00",
"generator": {
"date": "2026-05-22T07:20:40.035+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2025-0566",
"initial_release_date": "2025-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-03-16T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian und openSUSE aufgenommen"
},
{
"date": "2025-03-19T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-03-24T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-25T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-26T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-31T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-28T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-05-13T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-25T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux und NetApp aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-06-29T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-02-10T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-05-21T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "20"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.1.32",
"product": {
"name": "Open Source PHP \u003c8.1.32",
"product_id": "T041909"
}
},
{
"category": "product_version",
"name": "8.1.32",
"product": {
"name": "Open Source PHP 8.1.32",
"product_id": "T041909-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:php:php:8.1.32"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.2.28",
"product": {
"name": "Open Source PHP \u003c8.2.28",
"product_id": "T041910"
}
},
{
"category": "product_version",
"name": "8.2.28",
"product": {
"name": "Open Source PHP 8.2.28",
"product_id": "T041910-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:php:php:8.2.28"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.3.19",
"product": {
"name": "Open Source PHP \u003c8.3.19",
"product_id": "T041911"
}
},
{
"category": "product_version",
"name": "8.3.19",
"product": {
"name": "Open Source PHP 8.3.19",
"product_id": "T041911-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:php:php:8.3.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.4.5",
"product": {
"name": "Open Source PHP \u003c8.4.5",
"product_id": "T041912"
}
},
{
"category": "product_version",
"name": "8.4.5",
"product": {
"name": "Open Source PHP 8.4.5",
"product_id": "T041912-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:php:php:8.4.5"
}
}
}
],
"category": "product_name",
"name": "PHP"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "126.0.63",
"product": {
"name": "cPanel cPanel/WHM 126.0.63",
"product_id": "T054473",
"product_identification_helper": {
"cpe": "cpe:/a:cpanel:cpanel_whm:126.0.63"
}
}
}
],
"category": "product_name",
"name": "cPanel/WHM"
}
],
"category": "vendor",
"name": "cPanel"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11235",
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"2951",
"T002207",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2024-11235"
},
{
"cve": "CVE-2025-1217",
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"T041909",
"2951",
"T002207",
"T000126",
"T027843",
"T041910",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-1217"
},
{
"cve": "CVE-2025-1219",
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"T041909",
"2951",
"T002207",
"T000126",
"T027843",
"T041910",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-1219"
},
{
"cve": "CVE-2025-1734",
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"T041909",
"2951",
"T002207",
"T000126",
"T027843",
"T041910",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-1734"
},
{
"cve": "CVE-2025-1736",
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"T041909",
"2951",
"T002207",
"T000126",
"T027843",
"T041910",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-1736"
},
{
"cve": "CVE-2025-1861",
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"T041909",
"2951",
"T002207",
"T000126",
"T027843",
"T041910",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-1861"
},
{
"product_status": {
"known_affected": [
"T054473",
"67646",
"T041912",
"T041911",
"T002977",
"T004914",
"T032255",
"T039981",
"T041909",
"2951",
"T002207",
"T000126",
"T027843",
"T041910",
"398363"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…