PT-2025-52598 · Php7.4+9 · Php7.4+9

Niels Dossche

·

Published

2025-01-01

·

Updated

2026-05-14

·

CVE-2025-14178

CVSS v3.1

8.2

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions PHP versions prior to 8.4.16-1~deb13u1 PHP 7.4 (affected versions not specified) PHP 8.2 (affected versions not specified)
Description Several security issues were identified in PHP, a scripting language, potentially leading to denial of service or memory disclosure.
Recommendations Upgrade php8.4 packages to version 8.4.16-1~deb13u1. At the moment, there is no information about a newer version that contains a fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Integer Overflow

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-120CWE-787

Related Identifiers

ALSA-2026:1409
ALSA-2026:1412
ALSA-2026:1429
ALSA-2026:1628
ALSA-2026:2470
ALSA-2026:2799
AZL-73198
AZL-73237
BDU:2026-02749
BIT-LIBPHP-2025-14178
BIT-PHP-2025-14178
BIT-PHP-MIN-2025-14178
CVE-2025-14178
DSA-6088-1
GHSA-H96M-RVF9-JGM2
MGASA-2025-0330
OESA-2026-1020
OESA-2026-1021
OESA-2026-1022
OESA-2026-1023
OESA-2026-1024
OESA-2026-1025
OESA-2026-1026
OPENSUSE-SU-2025:15837-1
OPENSUSE-SU-2026:20113-1
RHSA-2026:1169
RHSA-2026:1185
RHSA-2026:1187
RHSA-2026:1190
RHSA-2026:1409
RHSA-2026:1412
RHSA-2026:1429
RHSA-2026:1628
RHSA-2026:2470
RHSA-2026:2799
RHSA-2026:4077
RHSA-2026:4086
RHSA-2026:4212
RHSA-2026:4266
RHSA-2026:4507
RHSA-2026:4514
RHSA-2026:4517
RHSA-2026:7614
SUSE-SU-2026:0071-1
SUSE-SU-2026:0086-1
SUSE-SU-2026:0245-1
SUSE-SU-2026:0370-1
SUSE-SU-2026:20146-1
USN-7953-1

Affected Products

Alt Linux
Debian
Linuxmint
Php
Php7.4
Php8.2
Red Os
Rocky Linux
Ubuntu
Php8.4