Debian Bug report logs -
#1004376
libphp-adodb: CVE-2021-3850 - Authentication Bypass in PostgreSQL connections
Package:
src:libphp-adodb;
Maintainer for src:libphp-adodb is Cameron Dale <camrdale@gmailcom>;
Reported by: Neil Williams <codehelp@debianorg>
Date: Wed, 26 Jan 2022 08:45:02 UTC
Severity: grave
Tags: se ...
Emmet Leahy reported that libphp-adodb, a PHP database abstraction layer
library, allows to inject values into a PostgreSQL connection string
Depending on how the library is used this flaw can result in
authentication bypass, reveal a server IP address or have other
unspecified impact
For the oldstable distribution (buster), this problem has been ...