← Back to CVE List

CVE-2025-1734

Published: 2025-03-30T06:15Z
Last Modified: 2025-03-30T06:15Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt