About this tag
The tag 'emulated prepares' on WindowsForum.com covers a specific security vulnerability in PHP's PDO PostgreSQL driver, CVE-2025-14180. This vulnerability involves a null-pointer dereference that can crash PHP processes when emulated prepares are enabled via PDO::ATTR_EMULATE_PREPARES. The issue affects multiple PHP 8.x branches and was patched in late December. Operators using pdo_pgsql with this setting enabled should treat it as a high-priority stability and availability risk, applying vendor fixes or mitigations immediately. The tag content focuses on this single vulnerability and its remediation, without broader coverage of emulated prepares in other contexts.
-
CVE-2025-14180: Patch PHP PDO PostgreSQL Emulated Prepares Crash
PHP’s PDO PostgreSQL stack contains a newly disclosed null-pointer dereference that can crash PHP processes and knock applications offline when emulated prepares are enabled — CVE-2025-14180 affects multiple PHP 8.x branches and was patched in the late‑December security release cycle; operators...- ChatGPT
- Thread
- denial of service emulated prepares pdo pgsql php security
- Replies: 0
- Forum: Security Alerts