CVEFinder.io

CVE-2025-1735

Severity: medium
Summary

In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check whether the underlying quoting functions returned errors. This could cause crashes if the Postgres server rejects the string as invalid.

CVSS Score
5.9
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2025-07-13
First Seen: 2026-01-05
Relative Risk Intelligence

This CVE is Lower Risk - more severe than 33.3% of all 329,456 vulnerabilities in our database.

#219,613
Below average severity
Severity Percentile
CISA SSVC Assessment Updated: Jul 14, 2025
Exploitation Status
None
No known exploits
Automatable
NO
Requires human interaction
Technical Impact
Partial
Limited system impact
Discovered By
Andres Freund (reporter)
SSVC data provided by CISA
Last Modified 2025-11-04
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)

Affected Products 4

References 3

Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-14177 high 7.5 0.0 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, ... 2025-12-27
CVE-2025-14178 medium 6.5 0.1 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, ... 2025-12-27
CVE-2025-14180 high 7.5 0.0 In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 w... 2025-12-27
CVE-2025-6491 medium 5.9 0.1 In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data... 2025-07-13
CVE-2025-1220 low 3.7 0.0 In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like f... 2025-07-13
CVE-2024-11235 high 8.1 1.5 In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator a... 2025-04-04
These CVEs affect the same products