Количество 19
Количество 19
GHSA-8xr5-qppj-gvwj
NULL Pointer Dereference in PDO quoting
CVE-2025-14180
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
CVE-2025-14180
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
CVE-2025-14180
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
CVE-2025-14180
NULL Pointer Dereference in PDO quoting
CVE-2025-14180
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before ...
BDU:2026-00449
Уязвимость объектно-ориентированного прикладного программного интерфейса PDO интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20260514-73-0003
Уязвимость php
openSUSE-SU-2026:20113-1
Security update for php8
SUSE-SU-2026:0086-1
Security update for php8
SUSE-SU-2026:0071-1
Security update for php8
RLSA-2026:1628
Important: php security update
RLSA-2026:1429
Important: php:8.3 security update
ELSA-2026-1628
ELSA-2026-1628: php security update (IMPORTANT)
ELSA-2026-1429
ELSA-2026-1429: php:8.3 security update (IMPORTANT)
RLSA-2026:1412
Important: php:8.2 security update
RLSA-2026:1409
Important: php:8.2 security update
ELSA-2026-1412
ELSA-2026-1412: php:8.2 security update (IMPORTANT)
ELSA-2026-1409
ELSA-2026-1409: php:8.2 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-8xr5-qppj-gvwj NULL Pointer Dereference in PDO quoting | 1% Низкий | 6 месяцев назад | |
 | CVE-2025-14180 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server. | CVSS3: 7.5 | 1% Низкий | 6 месяцев назад |
 | CVE-2025-14180 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server. | CVSS3: 7.5 | 1% Низкий | 6 месяцев назад |
 | CVE-2025-14180 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server. | CVSS3: 7.5 | 1% Низкий | 6 месяцев назад |
 | CVE-2025-14180 NULL Pointer Dereference in PDO quoting | CVSS3: 5.9 | 1% Низкий | 6 месяцев назад |
| CVE-2025-14180 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before ... | CVSS3: 7.5 | 1% Низкий | 6 месяцев назад |
 | BDU:2026-00449 Уязвимость объектно-ориентированного прикладного программного интерфейса PDO интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 3.7 | 1% Низкий | 9 месяцев назад |
 | ROS-20260514-73-0003 Уязвимость php | CVSS3: 3.7 | 1% Низкий | около 1 месяца назад |
 | openSUSE-SU-2026:20113-1 Security update for php8 | 5 месяцев назад | ||
| SUSE-SU-2026:0086-1 Security update for php8 | 5 месяцев назад | ||
| SUSE-SU-2026:0071-1 Security update for php8 | 5 месяцев назад | ||
 | RLSA-2026:1628 Important: php security update | 5 месяцев назад | ||
| RLSA-2026:1429 Important: php:8.3 security update | 5 месяцев назад | ||
| ELSA-2026-1628 ELSA-2026-1628: php security update (IMPORTANT) | 5 месяцев назад | ||
| ELSA-2026-1429 ELSA-2026-1429: php:8.3 security update (IMPORTANT) | 5 месяцев назад | ||
| RLSA-2026:1412 Important: php:8.2 security update | 5 месяцев назад | ||
| RLSA-2026:1409 Important: php:8.2 security update | 5 месяцев назад | ||
| ELSA-2026-1412 ELSA-2026-1412: php:8.2 security update (IMPORTANT) | 5 месяцев назад | ||
| ELSA-2026-1409 ELSA-2026-1409: php:8.2 security update (IMPORTANT) | 5 месяцев назад |
Уязвимостей на страницу