PHP:
2016-06-30

The url parsing functions of the PECL HTTP extension allow overflowing a buffer with data originating from an arbitrary HTTP request.

CVE-2016-5873
pecl-http-2.5.3p3.tgz