{"id":"CLSA-2025-1744723009","summary":"php: Fix of CVE-2025-1861","details":"- CVE-2025-1861: move allocation of location from heap to stack, add error checking\n  for location length","modified":"2026-05-27T11:18:27.372297129Z","published":"2025-04-15T13:16:54Z","upstream":["CVE-2025-1861"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.4-els/CLSA-2025-1744723009.html"}],"affected":[{"package":{"name":"php","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-bcmath","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-bcmath?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-cli","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-cli?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-common","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-common?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-dba","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-dba?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-dbg","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-dbg?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-devel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-devel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-embedded","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-embedded?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-enchant","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-enchant?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-ffi","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-ffi?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-fpm","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-fpm?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-gd","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-gd?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-gmp","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-gmp?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-intl","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-intl?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-json","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-json?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-ldap","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-ldap?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-mbstring","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-mbstring?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-mysqlnd","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-mysqlnd?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-odbc","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-odbc?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-opcache","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-opcache?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-pdo","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-pdo?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-pgsql","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-pgsql?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-process","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-process?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-snmp","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-snmp?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-soap","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-soap?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-xml","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-xml?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}},{"package":{"name":"php-xmlrpc","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/php-xmlrpc?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.4.6-4.module_el8.4.0+2285+2a8eb59c.tuxcare.els21"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2025-1744723009.json"}}],"schema_version":"1.7.5"}