Vulnerabilidades en PHP Group
88 resultadosCVE-2024-11234MEDIUMConfiguring a proxy in a stream context might allow for CRLF injection in URIsEPSS 1.1%CVE-2024-8927HIGHcgi.force_redirect configuration is bypassable due to the environment variable collisionEPSS 1.1%CVE-2025-1735MEDIUMpgsql extension does not check for errors during escapingEPSS 1.0%CVE-2024-8925LOWErroneous parsing of multipart form dataEPSS 0.9%CVE-2023-0567HIGHpassword_verify() always returns true for some invalid hashesEPSS 0.9%CVE-2025-6491MEDIUMNULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace PrefixEPSS 0.9%CVE-2025-1861MEDIUMStream HTTP wrapper truncates redirect location to 1024 bytesEPSS 0.8%CVE-2025-1219MEDIUMlibxml streams use wrong content-type header when requesting a redirected resourceEPSS 0.7%CVE-2023-3247LOWMissing error check and insufficient random bytes in HTTP Digest authentication for SOAPEPSS 0.7%CVE-2025-14180HIGHNULL Pointer Dereference in PDO quotingEPSS 0.6%CVE-2022-31628LOWphar wrapper can occur dos when using quine gzip fileEPSS 0.6%CVE-2025-1217MEDIUMHeader parser of http stream wrapper does not handle folded headersEPSS 0.5%CVE-2025-1220LOWNull byte termination in hostnamesEPSS 0.5%CVE-2025-1736MEDIUMStream HTTP wrapper header check might omit basic auth headerEPSS 0.5%CVE-2026-6722CRITICALUse-After-Free in SOAP using Apache mapEPSS 0.5%CVE-2024-9026LOWPHP-FPM logs from children may be alteredEPSS 0.5%CVE-2025-14177MEDIUMInformation Leak of Memory in getimagesizeEPSS 0.5%CVE-2025-1734MEDIUMStreams HTTP wrapper does not fail for headers with invalid name and no colonEPSS 0.5%CVE-2026-7262LOWNULL pointer dereference in SOAP apache:Map decoder with missing <value>EPSS 0.4%CVE-2026-6104MEDIUMGlobal buffer over-read in mb_convert_encoding() with attacker-supplied encodingEPSS 0.4%