CVE-2025-1219

MEDIUM

CVSS v3

5.3

MEDIUM

EPSS Score

0.1%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.

Technical Details

Published
3/30/2025

Frequently Asked Questions

What is CVE-2025-1219?

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.

Is CVE-2025-1219 actively exploited?

Active exploitation of CVE-2025-1219 has not been confirmed. The EPSS score is 0.1%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-1219?

CVE-2025-1219 has a CVSS v3 base score of 5.3 (MEDIUM severity).

Is CVE-2025-1219 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.