It was discovered that PHP incorrectly parsed certain HTTP response headers. An attacker could possibly use this issue to cause incorrect MIME type parsing which could result in unexpected behavior. (CVE-2025-1217)
It was discovered that PHP did not properly validate certain HTTP headers. An attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2025-1734)
It was discovered that PHP did not properly validate certain HTTP headers. An attacker could possibly use this issue to prevent certain headers from being sent which could result in a denial of service or other unexpected behavior. (CVE-2025-1736)
It was discovered that PHP incorrectly performed URL truncation. An attacker could possibly use this issue to specially craft a URL that would result in unintended redirections or a denial of service. (CVE-2025-1861)
7.0.33-0ubuntu0.16.04.16+esm157.2.24-0ubuntu0.18.04.17+esm8