{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1736", "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "state": "PUBLISHED", "assignerShortName": "php", "dateReserved": "2025-02-27T04:07:07.942Z", "datePublished": "2025-03-30T05:49:14.551Z", "dateUpdated": "2025-05-23T13:11:05.671Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "PHP", "vendor": "PHP Group", "versions": [{"lessThan": "8.1.32", "status": "affected", "version": "8.1.*", "versionType": "semver"}, {"lessThan": "8.2.28", "status": "affected", "version": "8.2.*", "versionType": "semver"}, {"lessThan": "8.3.19", "status": "affected", "version": "8.3.*", "versionType": "semver"}, {"lessThan": "8.4.5", "status": "affected", "version": "8.4.*", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Jakub Zelenka"}], "datePublic": "2025-03-23T17:43:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted. "}], "value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted."}], "impacts": [{"capecId": "CAPEC-33", "descriptions": [{"lang": "en", "value": "CAPEC-33 HTTP Request Smuggling"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6.3, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php", "dateUpdated": "2025-03-30T05:49:14.551Z"}, "references": [{"url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"}], "source": {"advisory": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96f", "discovery": "INTERNAL"}, "title": "Stream HTTP wrapper header check might omit basic auth header", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-31T12:57:12.660404Z", "id": "CVE-2025-1736", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T12:57:22.517Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20250523-0006/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-23T13:11:05.671Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20250523-0006/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-23T13:11:05.671Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1736", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-31T12:57:12.660404Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T12:57:18.628Z"}}], "cna": {"title": "Stream HTTP wrapper header check might omit basic auth header", "source": {"advisory": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96f", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Jakub Zelenka"}], "impacts": [{"capecId": "CAPEC-33", "descriptions": [{"lang": "en", "value": "CAPEC-33 HTTP Request Smuggling"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "PHP Group", "product": "PHP", "versions": [{"status": "affected", "version": "8.1.*", "lessThan": "8.1.32", "versionType": "semver"}, {"status": "affected", "version": "8.2.*", "lessThan": "8.2.28", "versionType": "semver"}, {"status": "affected", "version": "8.3.*", "lessThan": "8.3.19", "versionType": "semver"}, {"status": "affected", "version": "8.4.*", "lessThan": "8.4.5", "versionType": "semver"}], "defaultStatus": "affected"}], "datePublic": "2025-03-23T17:43:00.000Z", "references": [{"url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.", "supportingMedia": [{"type": "text/html", "value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted. ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php", "dateUpdated": "2025-03-30T05:49:14.551Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1736", "state": "PUBLISHED", "dateUpdated": "2025-05-23T13:11:05.671Z", "dateReserved": "2025-02-27T04:07:07.942Z", "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "datePublished": "2025-03-30T05:49:14.551Z", "assignerShortName": "php"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "240B9DA6-4FE3-42D1-931A-9F4C62EC0ABA", "versionEndExcluding": "8.1.32", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C01313A-447A-4190-B275-3A6394EEFD96", "versionEndExcluding": "8.2.28", "versionStartIncluding": "8.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "A525415D-4C9F-4884-9F85-94989608D805", "versionEndExcluding": "8.3.19", "versionStartIncluding": "8.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC94B1EC-530A-4A25-9BCD-DAC5F52F6813", "versionEndExcluding": "8.4.5", "versionStartIncluding": "8.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*", "matchCriteriaId": "A20333EE-4C13-426E-8B54-D78679D5DDB8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted."}, {"lang": "es", "value": "En PHP desde 8.1.* antes de 8.1.32, desde 8.2.* antes de 8.2.28, desde 8.3.* antes de 8.3.19, desde 8.4.* antes de 8.4.5, cuando se env\u00edan encabezados proporcionados por el usuario, la validaci\u00f3n insuficiente de los caracteres de final de l\u00ednea puede impedir que se env\u00eden ciertos encabezados o provocar que ciertos encabezados se malinterpreten."}], "id": "CVE-2025-1736", "lastModified": "2025-07-02T20:14:40.817", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@php.net", "type": "Secondary"}]}, "published": "2025-03-30T06:15:14.803", "references": [{"source": "security@php.net", "tags": ["Vendor Advisory"], "url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20250523-0006/"}], "sourceIdentifier": "security@php.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@php.net", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:7489", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "php-0:8.3.19-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:4263", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "php:8.1-9050020250423093228.9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:7418", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "php:8.3-9060020250409105946.9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:7431", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "php-0:8.0.30-3.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:7432", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "php:8.2-9060020250428130539.9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}], "bugzilla": {"description": "php: Stream HTTP wrapper header check might omit basic auth header", "id": "2356041", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356041"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-20", "details": ["In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.", "A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-1736", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "php", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "php", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "php:7.4/php", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "php:8.2/php", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2025-03-30T05:49:14Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-1736\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-1736\nhttps://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528"], "threat_severity": "Moderate"}