Vulnerability Description
pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a patch to mitigate such attempts.
Related Weaknesses (CWE)
References
- https://github.com/prest/prest/commit/47d02b87842900f77d76fc694d9aa7e983b0711c
- https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98
- https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98
FAQ
What is CVE-2025-58450?
CVE-2025-58450 is a documented vulnerability. pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0...
How severe is CVE-2025-58450?
CVSS scoring is not yet available for CVE-2025-58450. Check NVD for updates.
Is there a patch for CVE-2025-58450?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.