vulnerability
SUSE: CVE-2025-1220: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Jul 13, 2025 | Jul 23, 2025 | Nov 4, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Jul 13, 2025
Added
Jul 23, 2025
Modified
Nov 4, 2025
Description
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.
Solutions
suse-upgrade-apache2-mod_php7suse-upgrade-apache2-mod_php8suse-upgrade-php7suse-upgrade-php7-bcmathsuse-upgrade-php7-bz2suse-upgrade-php7-calendarsuse-upgrade-php7-clisuse-upgrade-php7-ctypesuse-upgrade-php7-curlsuse-upgrade-php7-dbasuse-upgrade-php7-develsuse-upgrade-php7-domsuse-upgrade-php7-embedsuse-upgrade-php7-enchantsuse-upgrade-php7-exifsuse-upgrade-php7-fastcgisuse-upgrade-php7-fileinfosuse-upgrade-php7-fpmsuse-upgrade-php7-ftpsuse-upgrade-php7-gdsuse-upgrade-php7-gettextsuse-upgrade-php7-gmpsuse-upgrade-php7-iconvsuse-upgrade-php7-intlsuse-upgrade-php7-jsonsuse-upgrade-php7-ldapsuse-upgrade-php7-mbstringsuse-upgrade-php7-mysqlsuse-upgrade-php7-odbcsuse-upgrade-php7-opcachesuse-upgrade-php7-opensslsuse-upgrade-php7-pcntlsuse-upgrade-php7-pdosuse-upgrade-php7-pgsqlsuse-upgrade-php7-pharsuse-upgrade-php7-posixsuse-upgrade-php7-readlinesuse-upgrade-php7-shmopsuse-upgrade-php7-snmpsuse-upgrade-php7-soapsuse-upgrade-php7-socketssuse-upgrade-php7-sodiumsuse-upgrade-php7-sqlitesuse-upgrade-php7-sysvmsgsuse-upgrade-php7-sysvsemsuse-upgrade-php7-sysvshmsuse-upgrade-php7-testsuse-upgrade-php7-tidysuse-upgrade-php7-tokenizersuse-upgrade-php7-xmlreadersuse-upgrade-php7-xmlrpcsuse-upgrade-php7-xmlwritersuse-upgrade-php7-xslsuse-upgrade-php7-zipsuse-upgrade-php7-zlibsuse-upgrade-php8suse-upgrade-php8-bcmathsuse-upgrade-php8-bz2suse-upgrade-php8-calendarsuse-upgrade-php8-clisuse-upgrade-php8-ctypesuse-upgrade-php8-curlsuse-upgrade-php8-dbasuse-upgrade-php8-develsuse-upgrade-php8-domsuse-upgrade-php8-embedsuse-upgrade-php8-enchantsuse-upgrade-php8-exifsuse-upgrade-php8-fastcgisuse-upgrade-php8-ffisuse-upgrade-php8-fileinfosuse-upgrade-php8-fpmsuse-upgrade-php8-fpm-apachesuse-upgrade-php8-ftpsuse-upgrade-php8-gdsuse-upgrade-php8-gettextsuse-upgrade-php8-gmpsuse-upgrade-php8-iconvsuse-upgrade-php8-intlsuse-upgrade-php8-ldapsuse-upgrade-php8-mbstringsuse-upgrade-php8-mysqlsuse-upgrade-php8-odbcsuse-upgrade-php8-opcachesuse-upgrade-php8-opensslsuse-upgrade-php8-pcntlsuse-upgrade-php8-pdosuse-upgrade-php8-pgsqlsuse-upgrade-php8-pharsuse-upgrade-php8-posixsuse-upgrade-php8-readlinesuse-upgrade-php8-shmopsuse-upgrade-php8-snmpsuse-upgrade-php8-soapsuse-upgrade-php8-socketssuse-upgrade-php8-sodiumsuse-upgrade-php8-sqlitesuse-upgrade-php8-sysvmsgsuse-upgrade-php8-sysvsemsuse-upgrade-php8-sysvshmsuse-upgrade-php8-testsuse-upgrade-php8-tidysuse-upgrade-php8-tokenizersuse-upgrade-php8-xmlreadersuse-upgrade-php8-xmlwritersuse-upgrade-php8-xslsuse-upgrade-php8-zipsuse-upgrade-php8-zlib
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.