CVE-2025-1861

Public on 2025-03-18
Modified on 2025-03-18
Description
Stream HTTP wrapper truncate redirect location to 1024 bytes
Severity
Medium severity
Medium
CVSS v3 Base Score
6.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
HAQM Linux 2 - Core php Pending Fix
HAQM Linux 2 - Php8.2 Extra php 2025-03-26 ALAS2PHP8.2-2025-007 Fixed
HAQM Linux 1 php56 No Fix Planned
HAQM Linux 2023 php8.1 2025-03-26 ALAS2023-2025-916 Fixed
HAQM Linux 2023 php8.2 2025-04-09 ALAS2023-2025-936 Fixed
HAQM Linux 2023 php8.3 2025-03-26 ALAS2023-2025-922 Fixed

CVSS Scores

Score Type Score Vector
HAQM Linux CVSSv3 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

References

Red Hat: CVE-2025-1861 Mitre: CVE-2025-1861