CVE-2025-14177

Medium CVSS: 6.3

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.

Vendor

Php

Product

Php

CWE

CWE-125

Yayın Tarihi

2025-12-27 20:15:40

Güncelleme

2026-01-08 22:03:28

Source Identifier

security@php.net

KEV Date Added

Kategoriler

CWE-125 Php MEDIUM Php 2025

Referanslar

https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7

Benzer Kayıtlar

High

CVE-2026-24894

FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $_SESSIO…

High

CVE-2026-24895

FrankenPHP is a modern application server for PHP. Prior to 1.11.2, FrankenPHP’s CGI path splitting logic improperly han…

Medium

CVE-2025-14178

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1,…

High

CVE-2025-14180

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 w…

Low

CVE-2025-1220

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like f…

Medium

CVE-2025-1735

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functi…