CVE-2025-1217

MEDIUM Year: 2025
CVSS v3 Score
3.1
Low
Weakness Type
CWE-20
View all →

Vulnerability Description

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.

Related Vulnerabilities

CVE-2016-9009

LOW
CVSS:3.1(Low)

IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.

CWE-202016

CVE-2018-10947

LOW
CVSS:3.1(Low)

An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted.

CWE-202018

CVE-2020-7957

LOW
CVSS:3.1(Low)

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. This causes a deni...

CWE-202020

CVE-2021-38957

LOW
CVSS:3.1(Low)

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040.

CWE-202021

CVE-2024-41945

LOW
CVSS:3.1(Low)

fuels-ts is a library for interacting with Fuel v2. The typescript SDK has no awareness of to-be-spent transactions causing some transactions to fail or silently get pruned as they are funded with alr...

CWE-202024

CVE-2024-46901

LOW
CVSS:3.1(Low)

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, l...

CWE-202024