Alma Linux: CVE-2025-1219: Moderate: php:8.2 security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Mar 30, 2025 | Apr 30, 2025 | Nov 13, 2025 |
Description
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting an HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or to bypass validations.
Solutions
- alma-upgrade-apcu-panel
- alma-upgrade-libzip
- alma-upgrade-libzip-devel
- alma-upgrade-libzip-tools
- alma-upgrade-php
- alma-upgrade-php-bcmath
- alma-upgrade-php-cli
- alma-upgrade-php-common
- alma-upgrade-php-dba
- alma-upgrade-php-dbg
- alma-upgrade-php-devel
- alma-upgrade-php-embedded
- alma-upgrade-php-enchant
- alma-upgrade-php-ffi
- alma-upgrade-php-fpm
- alma-upgrade-php-gd
- alma-upgrade-php-gmp
- alma-upgrade-php-intl
- alma-upgrade-php-ldap
- alma-upgrade-php-mbstring
- alma-upgrade-php-mysqlnd
- alma-upgrade-php-odbc
- alma-upgrade-php-opcache
- alma-upgrade-php-pdo
- alma-upgrade-php-pear
- alma-upgrade-php-pecl-apcu
- alma-upgrade-php-pecl-apcu-devel
- alma-upgrade-php-pecl-redis6
- alma-upgrade-php-pecl-rrd
- alma-upgrade-php-pecl-xdebug3
- alma-upgrade-php-pecl-zip
- alma-upgrade-php-pgsql
- alma-upgrade-php-process
- alma-upgrade-php-snmp
- alma-upgrade-php-soap
- alma-upgrade-php-xml
References
- CVE-2025-1219
- https://attackerkb.com/topics/CVE-2025-1219
- CWE-1116
- https://errata.almalinux.org/8/ALSA-2025-15687.html
- https://errata.almalinux.org/9/ALSA-2025-4263.html
- https://errata.almalinux.org/9/ALSA-2025-7418.html
- https://errata.almalinux.org/9/ALSA-2025-7431.html
- https://errata.almalinux.org/9/ALSA-2025-7432.html