CNNVD-202507-1799 Information

CNNVD ID

CNNVD-202507-1799

Related CVE

CVE-2025-1735

• CNNVD Published: 2025-07-13

Description (Chinese)

PHP是PHP的一种在服务器端执行的脚本语言。 PHP 8.1.33之前版本、8.2.29之前版本、8.3.23之前版本和8.4.10之前版本存在安全漏洞，该漏洞源于pgsql和pdo_pgsql转义函数未检查引用函数是否返回错误，可能导致崩溃。

Description (English)

PHP is a script language executed by PHP at the server end. PHP 8.1.33, 8.2.29, 8.3.23 and 8.4.10 have a security loophole that originates from the pgsql and pdo pgsql conversion functions that do not check whether the reference function returns an error and may lead to a breakdown.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

PHP

Published

2025-07-13

Last Modified

2026-02-24

References

https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3 https://vigilance.fr/vulnerability/PHP-SQL-injection-via-Pgsql-Extension-Error-Checking-47595

Patch

https://github.com/php/php-src/releases