It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-922 advisory. NOTE:https://github.com/php/php-src/security/advisories/GHSA- rwp7-7vc6-8477https://www.tenable.com/cve/CVE-2024-11235 VersionThis vulnerability is present only in PHP 8.3+. The PHP 8.2 and versions before are not impacted.() (CVE-2024-11235) Header parser of `http` stream wrapper does not handle folded headers. (CVE-2025-1217) When requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. (CVE-2025-1219) Streams HTTP wrapper does not fail for headers with invalid name and no colon. (CVE-2025-1734) Stream HTTP wrapper header check might omit basic auth header. (CVE-2025-1736) Stream HTTP wrapper truncate redirect location to 1024 bytes (CVE-2025-1861) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. File data…Read More