VDB

CESS-2025-1735

CESS-2025-1735 PUBLISHED CVSS 7.5 HIGH

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

  • Jul 13, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›