GHSA-8x27-jwjr-8545

Опубликовано: 01 мая 2025

Источник: github

Github: Прошло ревью

CVSS3: 10

Описание

SQL injection in ADOdb PostgreSQL driver pg_insert_id() method

Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data.

Note that the indicated Severity corresponds to a worst-case usage scenario.

Impact

PostgreSQL drivers (postgres64, postgres7, postgres8, postgres9).

Patches

Vulnerability is fixed in ADOdb 5.22.9 (11107d6d6e5160b62e05dff8a3a2678cf0e3a426).

Workarounds

Only pass controlled data to pg_insert_id() method's $fieldname parameter, or escape it with pg_escape_identifier() first.

References

Issue https://github.com/ADOdb/ADOdb/issues/1070
Blog post by Marco Nappi

Credits

Thanks to Marco Nappi (@mrcnpp) for reporting this vulnerability.

Ссылки

Пакеты

Наименование

adodb/adodb-php

composer

Затронутые версииВерсия исправления

<= 5.22.8

5.22.9

EPSS

Процентиль: 27%

0.00092

Низкий

10 Critical

CVSS3

CVE ID

CVE-2025-46337

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-46337

CVSS3: 10

ubuntu

4 месяца назад

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9.