PT-2025-52599 · Php+6 · Php+6

Aleksey Solovev

Published

2025-01-01

Updated

2026-05-14

CVE-2025-14180

CVSS v4.0

8.2

High

Vector

AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions PHP versions prior to 8.4.16-1~deb13u1 PHP versions 7.4 PHP versions 8.2

Description Several security issues were identified in PHP, a scripting language, potentially leading to denial of service or memory disclosure.

Recommendations Upgrade php8.4 packages to version 8.4.16-1~deb13u1. Upgrade php7.4 packages to a newer version. Upgrade php8.2 packages to a newer version.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2026:1409

ALSA-2026:1412

ALSA-2026:1429

ALSA-2026:1628

AZL-73201

AZL-73234

BDU:2026-00449

BIT-LIBPHP-2025-14180

BIT-PHP-2025-14180

BIT-PHP-MIN-2025-14180

CVE-2025-14180

DSA-6088-1

GHSA-8XR5-QPPJ-GVWJ

MGASA-2025-0330

OESA-2026-1022

OESA-2026-1023

OESA-2026-1024

OESA-2026-1025

OPENSUSE-SU-2025:15837-1

OPENSUSE-SU-2026:20113-1

RHSA-2026:1169

RHSA-2026:1185

RHSA-2026:1187

RHSA-2026:1190

RHSA-2026:1409

RHSA-2026:1412

RHSA-2026:1429

RHSA-2026:1628

RHSA-2026:7614

SUSE-SU-2026:0071-1

SUSE-SU-2026:0086-1

SUSE-SU-2026:20146-1

USN-7953-1

Affected Products

Alt Linux

Debian

Linuxmint

Php

Red Os

Rocky Linux

Ubuntu

CVE-2025-14180

Weakness Enumeration

Related Identifiers

Affected Products

References · 100