Advisories ยป MGASA-2025-0179

Updated php-adodb packages fix security vulnerability

Publication date: 08 Jun 2025
Modification date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46337

Description

ADOdb is a PHP database class library that provides abstractions for
performing queries and managing databases. Prior to version 5.22.9,
improper escaping of a query parameter may allow an attacker to execute
arbitrary SQL statements when the code using ADOdb connects to a
PostgreSQL database and calls pg_insert_id() with user-supplied data.
This issue has been patched in version 5.22.9 - CVE-2025-46337.
                

References

SRPMS

9/core