CVE-2026-48979— php-standard-library 输入验证错误漏洞

PHP Standard Library: HTTP/2 server-side missing content-length validation enables request smuggling

PHP Standard Library (PSL) is set of APIs covering async, collections, networking, I/O, cryptography, terminal UI, etc. In versions 6.1.0, 6.1.1 and 6.2.0, the Psl\H2\ServerConnection does not validate that the total bytes received in DATA frames match the content-length header declared in the HEADERS frame, allowing request smuggling. This is in violation of RFC 9113 §8.1.1. A malicious client is able to send more DATA bytes than declared, smuggling additional content past application-level size limits and send fewer DATA bytes than declared and close the stream early, causing applications that trust the declared length to behave incorrectly. The vulnerability is only reachable for consumers using Psl\H2\ServerConnection directly to accept untrusted client traffic. Consumers of documented high-level PSL APIs are not affected. This issue has been fixed in versions 6.1.2 and 6.2.1.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

HTTP请求的解释不一致性(HTTP请求私运)

php-standard-library 输入验证错误漏洞

php-standard-library php-standard-library是php-standard-library的一款PHP标准库集合。 php-standard-library 6.1.0版本、6.1.1版本和6.2.0版本存在输入验证错误漏洞，该漏洞源于Psl\H2\ServerConnection未验证DATA帧接收的总字节数与HEADERS帧声明的content-length标头匹配，导致请求夹带，攻击者可利用此漏洞绕过应用层大小限制或提前关闭流，造成应用程序行为异常。

N/A

N/A