CVE-2025-1735
EUVD-2025-2127313.07.2025, 23:15
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. ThisĀ could cause crashes if Postgres server rejects the string as invalid.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| php | php | 8.1.0 ≤ 𝑥 < 8.1.33 |
| php | php | 8.2.0 ≤ 𝑥 < 8.2.29 |
| php | php | 8.3.0 ≤ 𝑥 < 8.3.23 |
| php | php | 8.4.0 ≤ 𝑥 < 8.4.10 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| php8.1 |
| ||||||||||||
| php5 |
| ||||||||||||
| php7.0 |
| ||||||||||||
| php7.2 |
| ||||||||||||
| php7.4 |
| ||||||||||||
| php8.3 |
| ||||||||||||
| php8.4 |
|