CVE-2025-6491

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
phpCNA
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
phpphp
8.1.0 ≤
𝑥
< 8.1.33
phpphp
8.2.0 ≤
𝑥
< 8.2.29
phpphp
8.3.0 ≤
𝑥
< 8.3.23
phpphp
8.4.0 ≤
𝑥
< 8.4.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
php7.4
bullseye
vulnerable
bullseye (security)
7.4.33-1+deb11u9
fixed
php8.2
bookworm
vulnerable
bookworm (security)
8.2.29-1~deb12u1
fixed
php8.4
forky
8.4.11-1
fixed
sid
8.4.11-1
fixed
trixie
8.4.11-1
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x
https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x