CNNVD-202509-358 Information

CNNVD ID

CNNVD-202509-358

Related CVE

CVE-2014-125127

• CNNVD Published: 2025-09-03

Description (Chinese)

Flight是Mike Cao个人开发者的一个PHP微框架。 Flight v1.2之前版本存在安全漏洞，该漏洞源于Request类构造函数中请求体急切加载，可能导致拒绝服务攻击。

Description (English)

Flight is a PHP microframe for Mike Cao’s personal developer. There was a security loophole in the pre-Flight v1.2 version, which originated in the Request tectonic function, requesting urgent loading, which could lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-03

Last Modified

2026-02-24

References

https://github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2014/CVE-2014-125127 https://github.com/mikecao/flight/commit/da40e03eb4a39745107912dffe926a8fce0d38dc https://github.com/mikecao/flight/pull/125

Patch

https://github.com/flightphp/core/releases