pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a patch to mitigate such attempts.
CVSS
No CVSS.
References
Configurations
No configuration.
History
09 Sep 2025, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98 - |
08 Sep 2025, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-09-08 22:15
Updated : 2026-06-17 09:44
NVD link : CVE-2025-58450
Mitre link : CVE-2025-58450
CVE.ORG link : CVE-2025-58450
JSON object : View
Products Affected
No product.
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
