{"vulnerability": "CVE-2025-1861", "sightings": [{"uuid": "676381d2-24f5-48c4-b978-9352eae71536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1861", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lkea5pp6o62d", "content": "", "creation_timestamp": "2025-03-14T18:23:03.484216Z"}, {"uuid": "ecd9077c-1938-467d-93ec-4c62da66ff54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1861", "type": "seen", "source": "https://bsky.app/profile/remirepo.bsky.social/post/3lkcy2yftts27", "content": "", "creation_timestamp": "2025-03-14T06:25:41.460712Z"}, {"uuid": "18faf802-82ea-489c-954a-d0a808f9a28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1861", "type": "seen", "source": "https://bsky.app/profile/remirepo.bsky.social/post/3lkn5b43pwc2d", "content": "", "creation_timestamp": "2025-03-18T07:25:13.028926Z"}, {"uuid": "84aa5b6b-a874-490b-8da7-230f7989d94a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1861", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9544", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1861\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.\n\ud83d\udccf Published: 2025-03-30T05:57:57.894Z\n\ud83d\udccf Modified: 2025-03-30T05:57:57.894Z\n\ud83d\udd17 References:\n1. https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff", "creation_timestamp": "2025-03-30T06:32:00.000000Z"}, {"uuid": "03f6712e-abf7-4132-b539-bf35d249b701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1861", "type": "seen", "source": "https://t.me/anti_malware/20065", "content": "\ud83d\udee0\ufe0f PHP \u0441\u043d\u043e\u0432\u0430 \u043b\u0430\u0442\u0430\u0435\u0442 \u0434\u044b\u0440\u044b: \u043d\u0430 5 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u0435\u043d\u044c\u0448\u0435, \u043d\u043e \u0440\u0438\u0441\u043a\u0438 \u0431\u044b\u043b\u0438 \u0437\u043d\u0430\u0442\u043d\u044b\u0435! \ud83d\udc18\ud83d\udca8\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0441\u043d\u043e\u0432\u0430 \u0432\u0437\u044f\u043b\u0438 \u043c\u043e\u043b\u043e\u0442\u043e\u043a \u0438 \u0437\u0430\u043a\u043e\u043b\u043e\u0442\u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0434\u044b\u0440 \u0432 \u043a\u043e\u0434\u0435! \ud83d\udd28\ud83d\udea7 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u0430\u0448\u0435 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0432 \u0448\u0432\u0435\u0439\u0446\u0430\u0440\u0441\u043a\u0438\u0439 \u0441\u044b\u0440 \u0434\u043b\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432. \ud83e\uddc0\n\n\ud83e\ude79 CVE-2025-1861 \u2014 \ud83e\udd26\u200d\u2642\ufe0f \u0411\u0443\u0444\u0435\u0440 \u043f\u043e\u0434 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a Location \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043c\u0430\u043b\u043e\u0432\u0430\u0442 (1024 \u0431\u0430\u0439\u0442\u0430 \u0432\u043c\u0435\u0441\u0442\u043e 8000). \u0418\u0442\u043e\u0433: \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u043e\u043f\u0430\u0441\u0442\u044c \u0432\u0430\u0436\u043d\u044b\u0435 \u0447\u0430\u0441\u0442\u0438 URI \u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0441\u043b\u0443\u0447\u0438\u0442\u044c\u0441\u044f \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442\u043d\u044b\u0439 \u0445\u0430\u043e\u0441! \ud83d\udd04\n\ud83e\ude79 CVE-2025-1734 \u2014 \ud83d\udd75\ufe0f\u200d\u2642\ufe0f \u0417\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438 \u0431\u0435\u0437 \u0434\u0432\u043e\u0435\u0442\u043e\u0447\u0438\u044f \u0438\u043b\u0438 \u0441 \u043f\u0440\u043e\u0431\u0435\u043b\u043e\u043c \u043f\u0435\u0440\u0435\u0434 \u043d\u0438\u043c \u043d\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043d\u0443\u0442\u044c request smuggling \u0438 \u0448\u043f\u0438\u043e\u043d\u0438\u0442\u044c \u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u043c\u0438! \ud83d\ude08\n\ud83e\ude79 CVE-2025-1217 \u2014 \ud83d\udcdc \u041f\u0430\u0440\u0441\u0435\u0440 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0447\u0438\u0442\u0430\u043b \u0441\u0432\u0435\u0440\u043d\u0443\u0442\u044b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438, \u0447\u0442\u043e \u043c\u043e\u0433\u043b\u043e \u0441\u043b\u043e\u043c\u0430\u0442\u044c MIME-\u0442\u0438\u043f\u044b \u0438 \u043f\u043e\u0434\u043f\u043e\u0440\u0442\u0438\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0443 \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0432. \ud83c\udfad\n\ud83e\ude79 CVE-2025-1219 \u2014 \ud83d\udd04 libxml \u043f\u0443\u0442\u0430\u043b\u0441\u044f \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0432, \u0438\u0437-\u0437\u0430 \u0447\u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438. \u041a\u0442\u043e \u0442\u0430\u043c \u0445\u043e\u0442\u0435\u043b \u00ab\u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0439 \u043f\u0430\u0440\u0441\u0438\u043d\u0433 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u00bb? \ud83c\udfab\ud83d\udeaa\n\ud83e\ude79 CVE-2025-1736 \u2014 \ud83d\udce1 \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 check_has_header \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0430 \u043a \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Authorization) \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438\u0441\u044c. \u042d\u0442\u043e \u043c\u043e\u0433\u043b\u043e \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b. \ud83e\udd37\u200d\u2642\ufe0f", "creation_timestamp": "2025-03-18T18:06:01.000000Z"}, {"uuid": "67332ab2-8c52-43f4-97a7-b8287612fec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1861", "type": "seen", "source": "https://t.me/cvedetector/21512", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1861 - Apache HTTP Server URL Truncation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1861 \nPublished : March 30, 2025, 6:15 a.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-30T10:34:17.000000Z"}]}