A recent security audit of PHP’s PDO ecosystem uncovered a denial-of-service vector in the pdo_pgsql driver that can crash PHP processes when emulated prepared statements are enabled. PDO’s parser assumes a valid zend_string and dereferences it, triggering a NULL pointer dereference (SIGSEGV). The issue is tracked as CVE-2025-14180 and rated Moderate (6.3/10). PDO implements two […]
The post PHP PDO Emulated Prepares Expose pdo_pgsql to NULL Pointer Dereference Crash appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: