AI description
CVE-2025-14179 describes a vulnerability within the PDO Firebird driver in specific versions of PHP. This flaw affects PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6. The vulnerability arises from the improper handling of NUL bytes during the preparation of SQL queries. When a string token containing a NUL byte is copied via `strncat()`, the function stops at the NUL byte, which can cause the closing quote of the string to be dropped. This leads to subsequent SQL tokens being misinterpreted as part of the string, ultimately allowing for SQL injection when attacker-controlled values are quoted using `PDO::quote()` and embedded in SQL statements.
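The copy behaviour described above, modelled in C as an added example (not the PDO Firebird driver's source, and the `memcpy()` variant is a contrast, not PHP's actual patch). The `struct token` layout, the function names and the sample tokens are constructed for illustration; the same token list is assembled once with `strncat()` and once with a length-aware copy, and the surviving quotes are counted.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical lexer token: pointer plus explicit length, may contain NUL. */
struct token { const char *p; size_t len; };

/* Flawed pattern: strncat() stops at the first NUL in the source even when
   len says more bytes follow, so the tail of the token is silently lost. */
static size_t build_strncat(char *out, size_t cap, const struct token *t, size_t n)
{
    out[0] = '\0';
    for (size_t i = 0; i < n; i++)
        if (strlen(out) + t[i].len < cap)
            strncat(out, t[i].p, t[i].len);
    return strlen(out);
}

/* Length-aware pattern: memcpy() copies exactly len bytes, NUL included. */
static size_t build_memcpy(char *out, size_t cap, const struct token *t, size_t n)
{
    size_t used = 0;
    for (size_t i = 0; i < n && used + t[i].len < cap; i++) {
        memcpy(out + used, t[i].p, t[i].len);
        used += t[i].len;
    }
    out[used] = '\0';
    return used;
}

/* An odd count means a string literal was left open in the assembled query. */
static size_t count_quotes(const char *s, size_t len)
{
    size_t q = 0;
    for (size_t i = 0; i < len; i++)
        q += (s[i] == '\'');
    return q;
}

int main(void)
{
    /* Constructed sample: the middle token is a quoted literal with a NUL. */
    const struct token t[] = { {"SELECT ", 7}, {"'a\0b'", 5}, {" FROM t", 7} };
    char buf[64];
    size_t n = build_strncat(buf, sizeof buf, t, 3);
    printf("strncat: %zu bytes, %zu quotes\n", n, count_quotes(buf, n));
    n = build_memcpy(buf, sizeof buf, t, 3);
    printf("memcpy:  %zu bytes, %zu quotes\n", n, count_quotes(buf, n));
    return 0;
}
```

An odd quote count in the assembled statement is the condition the description refers to: the literal never closes, so the tokens after it are read as string content.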
- Description: In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat(), which stops at the NUL byte, dropping the closing quote and causing subsequent SQL tokens to be interpreted as part of the string. This allows SQL injection when attacker-controlled values are quoted via PDO::quote() and embedded in SQL statements.
- Source: security@php.net
- NVD status: Analyzed
- Products: php
CVSS 4.0
- Type: Secondary
- Base score: 7.4
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:Amber
- Severity: HIGH
CVSS 3.1
- Type: Primary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- security@php.net
- CWE-89
- Hype score: Not currently trending
kusanagi-php83 Module Update 8.3.31-1 https://t.co/0x80HohKZ5 KUSANAGI 9 modules have been updated. The updated modules are as follows: php 8.3.31-1 This update includes support for vulnerability(CVE-2026-6735, CVE-2026-7259, CVE-2025-14179, CVE-2026-6722, CVE-2026-7261,...
@kusanagi_saya
13 May 2026
kusanagi-php83 Module Update 8.3.31-1.el9 https://t.co/wDkcoX52Wl KUSANAGI 9 modules have been updated. The updated modules are as follows: php 8.3.31-1.el9 This update includes support for vulnerability(CVE-2026-6735, CVE-2026-7259, CVE-2025-14179, CVE-2026-6722,...
@kusanagi_saya
13 May 2026
kusanagi-php82 Module Update 8.2.31-1 https://t.co/YxuOm7OObb KUSANAGI 9 modules have been updated. The updated modules are as follows: php 8.2.31-1 This update includes support for vulnerability(CVE-2026-6735, CVE-2026-7259, CVE-2025-14179, CVE-2026-6722, CVE-2026-7261,...
@kusanagi_saya
12 May 2026
kusanagi-php82 Module Update 8.2.31-1.el9 https://t.co/qwCc7UNVWk KUSANAGI 9 modules have been updated. The updated modules are as follows: php 8.2.31-1.el9 This update includes support for vulnerability(CVE-2026-6735, CVE-2026-7259, CVE-2025-14179, CVE-2026-6722,...
@kusanagi_saya
12 May 2026
CVE-2025-14179 In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when prepa… https://t.co/D1PTFsnA86
@CVEnew
10 May 2026
CVE-2025-14179 SQL Injection in PHP PDO Firebird Driver via NUL Byte Handling https://t.co/fA36PXbOxV
@VulmonFeeds
10 May 2026
```json
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A892B6FF-F4EB-40C6-8DD0-D2246A71D271",
            "versionEndExcluding": "8.2.31",
            "versionStartIncluding": "8.2.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9DBBB51D-F0C4-4CEC-9B6B-33D0BF0044A5",
            "versionEndExcluding": "8.3.31",
            "versionStartIncluding": "8.3.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "BA663C03-392C-41CC-BD11-4A1245203C42",
            "versionEndExcluding": "8.4.21",
            "versionStartIncluding": "8.4.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "6101DA12-5AA1-4882-A52A-61FB74254F9A",
            "versionEndExcluding": "8.5.6",
            "versionStartIncluding": "8.5.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]
```