CLSA-2025-1757014652

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1757014652
Upstream
Published
2025-09-04T19:37:36Z
Modified
2026-06-04T09:45:57.040041437Z
Summary
Fix CVE(s): CVE-2025-1217, CVE-2025-1734, CVE-2025-1736, CVE-2025-1861
Details
  • SECURITY UPDATE: misinterpretation of HTTP response headers
    • debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/httpfopenwrapper.c
    • CVE-2025-1217
  • SECURITY UPDATE: insufficient HTTP header validation
    • debian/patches/CVE-2025-1734.patch: adds logic to fail invalid HTTP headers in ext/standard/httpfopenwrapper.c
    • CVE-2025-1734
  • SECURITY UPDATE: http redirect location truncation
    • debian/patches/CVE-2025-1861.patch: converts the allocation of location to be on heap instead of stack and errors if the location length is greater than 8086 bytes in ext/standard/httpfopenwrapper.c
    • CVE-2025-1861
  • SECURITY UPDATE: insufficient HTTP header validation
    • debian/patches/CVE-2025-1736.patch: updates the http user header check for crlf in ext/standard/httpfopenwrapper.c
    • CVE-2025-1736
References

Affected packages

TuxCare:Ubuntu:18.04
libapache2-mod-php7.2

Package

Name
libapache2-mod-php7.2
Purl
pkg:deb/tuxcare/libapache2-mod-php7.2?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
libphp7.2-embed

Package

Name
libphp7.2-embed
Purl
pkg:deb/tuxcare/libphp7.2-embed?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2

Package

Name
php7.2
Purl
pkg:deb/tuxcare/php7.2?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-bcmath

Package

Name
php7.2-bcmath
Purl
pkg:deb/tuxcare/php7.2-bcmath?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-bz2

Package

Name
php7.2-bz2
Purl
pkg:deb/tuxcare/php7.2-bz2?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-cgi

Package

Name
php7.2-cgi
Purl
pkg:deb/tuxcare/php7.2-cgi?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-cli

Package

Name
php7.2-cli
Purl
pkg:deb/tuxcare/php7.2-cli?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-common

Package

Name
php7.2-common
Purl
pkg:deb/tuxcare/php7.2-common?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-curl

Package

Name
php7.2-curl
Purl
pkg:deb/tuxcare/php7.2-curl?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-dba

Package

Name
php7.2-dba
Purl
pkg:deb/tuxcare/php7.2-dba?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-dev

Package

Name
php7.2-dev
Purl
pkg:deb/tuxcare/php7.2-dev?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-enchant

Package

Name
php7.2-enchant
Purl
pkg:deb/tuxcare/php7.2-enchant?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-fpm

Package

Name
php7.2-fpm
Purl
pkg:deb/tuxcare/php7.2-fpm?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-gd

Package

Name
php7.2-gd
Purl
pkg:deb/tuxcare/php7.2-gd?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-gmp

Package

Name
php7.2-gmp
Purl
pkg:deb/tuxcare/php7.2-gmp?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-imap

Package

Name
php7.2-imap
Purl
pkg:deb/tuxcare/php7.2-imap?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-interbase

Package

Name
php7.2-interbase
Purl
pkg:deb/tuxcare/php7.2-interbase?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-intl

Package

Name
php7.2-intl
Purl
pkg:deb/tuxcare/php7.2-intl?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-json

Package

Name
php7.2-json
Purl
pkg:deb/tuxcare/php7.2-json?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-ldap

Package

Name
php7.2-ldap
Purl
pkg:deb/tuxcare/php7.2-ldap?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-mbstring

Package

Name
php7.2-mbstring
Purl
pkg:deb/tuxcare/php7.2-mbstring?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-mysql

Package

Name
php7.2-mysql
Purl
pkg:deb/tuxcare/php7.2-mysql?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-odbc

Package

Name
php7.2-odbc
Purl
pkg:deb/tuxcare/php7.2-odbc?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-opcache

Package

Name
php7.2-opcache
Purl
pkg:deb/tuxcare/php7.2-opcache?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-pgsql

Package

Name
php7.2-pgsql
Purl
pkg:deb/tuxcare/php7.2-pgsql?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-phpdbg

Package

Name
php7.2-phpdbg
Purl
pkg:deb/tuxcare/php7.2-phpdbg?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-pspell

Package

Name
php7.2-pspell
Purl
pkg:deb/tuxcare/php7.2-pspell?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-readline

Package

Name
php7.2-readline
Purl
pkg:deb/tuxcare/php7.2-readline?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-recode

Package

Name
php7.2-recode
Purl
pkg:deb/tuxcare/php7.2-recode?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-snmp

Package

Name
php7.2-snmp
Purl
pkg:deb/tuxcare/php7.2-snmp?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-soap

Package

Name
php7.2-soap
Purl
pkg:deb/tuxcare/php7.2-soap?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-sqlite3

Package

Name
php7.2-sqlite3
Purl
pkg:deb/tuxcare/php7.2-sqlite3?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-sybase

Package

Name
php7.2-sybase
Purl
pkg:deb/tuxcare/php7.2-sybase?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-tidy

Package

Name
php7.2-tidy
Purl
pkg:deb/tuxcare/php7.2-tidy?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-xml

Package

Name
php7.2-xml
Purl
pkg:deb/tuxcare/php7.2-xml?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-xmlrpc

Package

Name
php7.2-xmlrpc
Purl
pkg:deb/tuxcare/php7.2-xmlrpc?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-xsl

Package

Name
php7.2-xsl
Purl
pkg:deb/tuxcare/php7.2-xsl?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"
php7.2-zip

Package

Name
php7.2-zip
Purl
pkg:deb/tuxcare/php7.2-zip?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.2.24-0ubuntu0.18.04.17+tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1757014652.json"