0
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
1
POC
0
KEV
Monthly
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
PHP
Authentication Bypass
Redhat
Suse
NVD
GitHub
CVSS 4.0
6.3
EPSS
0.1%
CVE-2025-1219
EPSS 0%
CVSS 6.3
MEDIUM
POC
PATCH
This Month
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
PHP
Authentication Bypass
Redhat
+1
NVD
GitHub