CVE-2025-58450

pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a patch to mitigate such attempts.
CVSS

No CVSS.

Configurations

No configuration.

History

09 Sep 2025, 14:15

Type Values Removed Values Added
References () https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98 - () https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98 -

08 Sep 2025, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-09-08 22:15

Updated : 2026-06-17 09:44


NVD link : CVE-2025-58450

Mitre link : CVE-2025-58450

CVE.ORG link : CVE-2025-58450


JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')