CVE-2025-46337

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-46337

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46337.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-46337

Aliases

GHSA-8x27-jwjr-8545

Related

UBUNTU-CVE-2025-46337

Published

2025-05-01T18:15:57Z

Modified

2025-05-17T14:25:15.824889Z

Summary

[none]

Details

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pginsertid() with user-supplied data. This issue has been patched in version 5.22.9.

References

Affected packages

Debian:11 / libphp-adodb

Package

Name: libphp-adodb
Purl: pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.20.19-1

5.20.19-1+deb11u1

5.21.0~beta.1-1

5.21.0-1

5.21.4-1

5.22.7-0.1~bpo12+1

5.22.7-0.1

5.22.8-0.1

5.22.9-0.1~bpo12+1

5.22.9-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libphp-adodb

Package

Name: libphp-adodb
Purl: pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.21.4-1

5.22.7-0.1~bpo12+1

5.22.7-0.1

5.22.8-0.1

5.22.9-0.1~bpo12+1

5.22.9-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libphp-adodb

Package

Name: libphp-adodb
Purl: pkg:deb/debian/libphp-adodb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.22.9-0.1

Affected versions

5.*

5.21.4-1

5.22.7-0.1~bpo12+1

5.22.7-0.1

5.22.8-0.1

5.22.9-0.1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/adodb/adodb

Affected ranges

Type: GIT
Repo: https://github.com/adodb/adodb
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

11107d6d6e5160b62e05dff8a3a2678cf0e3a426

Affected versions

v5.*

v5.00beta

v5.01beta

v5.02

v5.02a

v5.03

v5.04

v5.05

v5.06

v5.07

v5.08

v5.08a

v5.09

v5.09a

v5.10

v5.11

v5.12

v5.13

v5.14

v5.15

v5.16

v5.16a

v5.17

v5.18

v5.18a

v5.19

v5.20.0

v5.20.1

v5.20.10

v5.20.11

v5.20.12

v5.20.13

v5.20.14

v5.20.15

v5.20.16

v5.20.17

v5.20.18

v5.20.19

v5.20.2

v5.20.20

v5.20.21

v5.20.3

v5.20.4

v5.20.5

v5.20.6

v5.20.7

v5.20.8

v5.20.9

v5.21.0

v5.21.0-beta.1

v5.21.0-rc.1

v5.21.1

v5.21.2

v5.21.3

v5.21.4

v5.22.0

v5.22.1

v5.22.2

v5.22.3

v5.22.4

v5.22.5

v5.22.6

v5.22.7

v5.22.8