Search for packages
| purl | pkg:deb/debian/php8.4@8.4.20-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-26ab-3bt8-jkf3 | php: heap-based buffer overflow in array_merge() |
CVE-2025-14178
|
| VCID-46m1-33z3-ruhk | php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement |
CVE-2025-14180
|
| VCID-7qqj-hp6m-z7bh | php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix |
CVE-2025-6491
|
| VCID-bf18-3zx5-f7gr | php: Header parser of http stream wrapper does not handle folded headers |
CVE-2025-1217
|
| VCID-fyhr-st6h-eker | php: PHP Hostname Null Character Vulnerability |
CVE-2025-1220
|
| VCID-hjx8-gss6-gfb1 | php: Reference counting in php_request_shutdown causes Use-After-Free |
CVE-2024-11235
|
| VCID-nrnn-pgxj-xugg | php: Stream HTTP wrapper truncates redirect location to 1024 bytes |
CVE-2025-1861
|
| VCID-qyx5-b321-2udm | php: Stream HTTP wrapper header check might omit basic auth header |
CVE-2025-1736
|
| VCID-rh5h-at8n-bfdj | php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images |
CVE-2025-14177
|
| VCID-t862-kese-z7ae | php: libxml streams use wrong content-type header when requesting a redirected resource |
CVE-2025-1219
|
| VCID-uqrh-9nue-rqgx | php: Streams HTTP wrapper does not fail for headers with invalid name and no colon |
CVE-2025-1734
|
| VCID-uush-g6k9-9ffm | php: pgsql extension does not check for errors during escaping |
CVE-2025-1735
|