CVEFinder.io

CVE-2025-1735

🔶 medium
Summary

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.

CVSS Score
5.9
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2025-07-13
First Seen: 2026-01-05
Last Modified 2025-11-04
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)
CWE-89 CWE-476

🔗 References 3

https://github.com/php/php-src/security/advisories/G...
Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/07/11/4
https://lists.debian.org/debian-lts-announce/2025/07...

📦 Affected Products 4

Vendor Product Status Affected Versions
php php Affected
≥ 8.1.0 < 8.1.33
php php Affected
≥ 8.2.0 < 8.2.29
php php Affected
≥ 8.3.0 < 8.3.23
php php Affected
≥ 8.4.0 < 8.4.10

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-14177 ⚠️ high 7.5 0.0 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, ... 2025-12-27
CVE-2025-14178 🔶 medium 6.5 0.1 In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, ... 2025-12-27
CVE-2025-14180 ⚠️ high 7.5 0.0 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 w... 2025-12-27
CVE-2025-6491 🔶 medium 5.9 0.1 In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data... 2025-07-13
CVE-2025-1220 ℹ️ low 3.7 0.0 In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like f... 2025-07-13
CVE-2024-11235 ⚠️ high 8.1 1.5 In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=  operator a... 2025-04-04
These CVEs affect the same products