Security Advisory

CVE-2025-6491

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-13 22:10:15

Last updated 2025-11-04 21:14:48

Assigner php

State PUBLISHED

Description

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.

← Browse all CVEs View on cve.org ↗