CVE-2025-1861

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-1861

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1861.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-1861

Aliases

Downstream

BELL-CVE-2025-1861

DEBIAN-CVE-2025-1861

DLA-4088-1

DSA-5878-1

MINI-2ppq-hc77-6vv6

MINI-8g9j-2p33-6rxg

MINI-c355-6pfq-p7q4

MINI-xqxw-jc5g-3x6q

OESA-2025-1302

OESA-2025-1303

OESA-2025-1304

OESA-2025-1305

OESA-2025-1306

RHSA-2025:15687

RHSA-2025:4263

RHSA-2025:7418

RHSA-2025:7431

RHSA-2025:7432

RHSA-2025:7489

RLSA-2025:4263

RLSA-2025:7418

RLSA-2025:7431

RLSA-2025:7432

RLSA-2025:7489

SUSE-SU-2025:0994-1

SUSE-SU-2025:1012-1

SUSE-SU-2025:1025-1

SUSE-SU-2025:1026-1

UBUNTU-CVE-2025-1861

USN-7400-1

USN-7645-1

openSUSE-SU-2025:14895-1

Related

Published

2025-03-30T06:15:14Z

Modified

2025-08-11T15:13:41.218582Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type: GIT
Repo: https://github.com/php/php-src
Events: Introduced

381ba9f5d0edd0c9c8ec1dea7e21d513ad08b115

Fixed

38123aca18c3c1bd1f109ec77af2f175d7afcf35