Description
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 11 | | =7.4.21-1+deb11u1 || =7.4.25-1+deb11u1 || =7.4.26-1 || =7.4.28-1+deb11u1 || =7.4.30-1+deb11u1 || =7.4.33-1+deb11u1 || =7.4.33-1+deb11u3 || =7.4.33-1+deb11u4 || =7.4.33-1+deb11u5 || =7.4.33-1+deb11u6 || =7.4.33-1+deb11u7 || =7.4.33-1+deb11u8 || >=0 <7.4.33-1+deb11u9 | 7.4.33-1+deb11u9 |
debian 12 | | =8.2.10-1 || =8.2.10-2 || =8.2.12-1 || =8.2.16-1 || =8.2.16-2 || =8.2.17-1 || =8.2.18-1 || =8.2.18-1~deb12u1 || =8.2.20-1~deb12u1 || =8.2.20-2 || =8.2.20-3 || =8.2.21-1 || =8.2.23-1 || =8.2.24-1 || =8.2.24-1~deb12u1 || =8.2.26-1~deb12u1 || =8.2.26-4 || =8.2.27-1 || =8.2.28-1~deb12u1 || =8.2.5-2 || =8.2.7-1 || =8.2.7-1.1 || =8.2.7-1.2 || =8.2.7-1~deb12u1 || >=0 <8.2.29-1~deb12u1 | 8.2.29-1~deb12u1 |
debian 13 | | | 8.4.10-1 |
debian 14 | | | 8.4.10-1 |
 rpm rhel9 | | - | - |
rpm rhel10 | | - | - |
rpm rhel8 | | <0:7.4.33-3.module+el8.10.0+23902+d3c8dd8f | 0:7.4.33-3.module+el8.10.0+23902+d3c8dd8f |
rpm rhel6 | | - | - |
rpm rhel7 | | - | - |
