CVE-2025-1220

LOW

CVSS v3

3.7

LOW

EPSS Score

0.2%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.

Technical Details

CVSS v3 Vector
3.1
Published
7/13/2025
Last Modified
11/4/2025

Frequently Asked Questions

What is CVE-2025-1220?

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.

Is CVE-2025-1220 actively exploited?

Active exploitation of CVE-2025-1220 has not been confirmed. The EPSS score is 0.2%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-1220?

CVE-2025-1220 has a CVSS v3 base score of 3.7 (LOW severity), with vector string 3.1.

Is CVE-2025-1220 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.