CVE-2025-14177

CWE-125: Out-of-bounds Read
9 documents, 8 sources
Severity: 6.3 MEDIUM
EPSS: 0.1% (top 81.49%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Dec 27
Latest update: Jan 12

Description

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data a

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Packages (9 packages)

NVD | php/php | 8.1.0 | 8.1.34 | +4
CVEListV5 | php_group/php | 8.1.* | 8.1.34 | +4
Debian | php8.2 | < 8.2.30-1~deb12u1
Debian | php8.4 | < 8.4.16-1~deb13u1 | +1
Ubuntu | php8.1 | < 8.1.2-1ubuntu2.23

Vulnerability Details (3)

OSV: php7.2, php7.4, php8.1, php8.3, php8.4 vulnerabilities (2026-01-12)
CVEList: Information Leak of Memory in getimagesize (2025-12-27)
OSV: CVE-2025-14177: In PHP versions:8 (2025-12-27)

Vendor Advisories (4)

Ubuntu: PHP vulnerabilities (2026-01-12)
Red Hat: php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images (2025-12-27)
Microsoft: Information Leak of Memory in getimagesize (2025-12-09)
Debian: CVE-2025-14177: php7.4 - In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8... (2025)

Threat Intelligence (1)

Wiz: CVE-2025-14177 Impact, Exploitability, and Mitigation Steps | Wiz