CVE-2025-58450

EUVD-2025-27177
pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a patch to mitigate such attempts.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Common Weakness Enumeration
References
https://github.com/prest/prest/commit/47d02b87842900f77d76fc694d9aa7e983b0711c
https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98
https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98