Updated php-adodb packages fix security vulnerability
Publication date: 08 Jun 2025Modification date: 08 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46337
Description
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9 - CVE-2025-46337.
References
SRPMS
9/core
- php-adodb-5.22.9-1.mga9