CVE-2025-14177

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions php7.4 php8.2 php8.4

Description High-severity flaws exist in PHP versions 7.4, 8.2, and 8.4 running on Debian Linux and Mageia 9. These flaws are identified by identifiers that are not included in this summary.

Recommendations Update to a newer version of php7.4 that contains a fix for this vulnerability. Update to a newer version of php8.2 that contains a fix for this vulnerability. Update to a newer version of php8.4 that contains a fix for this vulnerability.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-524CWE-125

Related Identifiers

ALSA-2026:1409

ALSA-2026:1412

ALSA-2026:1429

ALSA-2026:1628

ALSA-2026:2470

ALSA-2026:2799

AZL-73195

AZL-73240

BDU:2026-02748

BIT-LIBPHP-2025-14177

BIT-PHP-2025-14177

BIT-PHP-MIN-2025-14177

CVE-2025-14177

DSA-6088-1

GHSA-3237-QQM7-MFV7

MGASA-2025-0330

OESA-2026-1020

OESA-2026-1021

OESA-2026-1022

OESA-2026-1023

OESA-2026-1024

OESA-2026-1025

OESA-2026-1026

OPENSUSE-SU-2025:15837-1

OPENSUSE-SU-2026:20113-1

RHSA-2026:1409

RHSA-2026:1412

RHSA-2026:1429

RHSA-2026:1628

RHSA-2026:2470

RHSA-2026:2799

RHSA-2026:7614

SUSE-SU-2026:0071-1

SUSE-SU-2026:0086-1

SUSE-SU-2026:20146-1

USN-7953-1

Affected Products

Alt Linux

Debian

Linuxmint

Php7.4

Php8.2

Php 8.4

Red Os

Rocky Linux

Ubuntu

CVE-2025-14177

Weakness Enumeration

Related Identifiers

Affected Products

References · 131