Updated: 2025-04-02 01:55:48.622699
Description:
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0 |
| CVSS Version 3.x | LOW | 3.7 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| EL 6 PHP | php | 7.1 | 3.7 | LOW | In Testing | 2025-04-09 03:17:58 | ||
| EL 6 PHP | php | 7.2 | 3.7 | LOW | In Testing | 2025-04-09 03:18:06 | ||
| EL 6 PHP | php | 5.6 | 3.7 | LOW | In Testing | 2025-04-16 04:23:12 | ||
| EL 6 PHP | php | 5.4 | 3.7 | LOW | In Testing | 2025-04-16 04:23:21 | ||
| EL 6 PHP | php | 5.2 | 3.7 | LOW | In Testing | 2025-04-16 04:23:22 | ||
| EL 6 PHP | php | 7.0 | 3.7 | LOW | In Testing | 2025-04-09 03:17:58 | ||
| EL 6 PHP | php | 7.3 | 3.7 | LOW | In Testing | 2025-04-09 03:18:06 | ||
| EL 6 PHP | php | 8.2 | 3.7 | LOW | In Testing | 2025-04-10 03:08:25 | ||
| EL 6 PHP | php | 8.1 | 3.7 | LOW | In Testing | 2025-04-10 03:08:23 | ||
| EL 6 PHP | php | 5.3 | 3.7 | LOW | In Testing | 2025-04-16 04:23:22 |