Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-1735

Опубликовано: 13 июл. 2025
Источник: debian

Описание

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
php8.4fixed8.4.10-1package
php8.2removedpackage
php7.4removedpackage

Примечания

  • https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3

  • Fixed by: https://github.com/php/php-src/commit/9376aeef9f8ff81f2705b8016237ec3e30bdee44 (php-8.1.33)

Связанные уязвимости

CVSS3: 5.9
ubuntu
20 дней назад

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

CVSS3: 5.9
redhat
29 дней назад

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

CVSS3: 5.9
nvd
20 дней назад

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

github
около 1 месяца назад

pgsql extension does not check for errors during escaping

suse-cvrf
11 дней назад

Security update for php8