Showing 1 - 1 of 1

CVE-2024-27289

Status Candidate

Overview

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.

Related Files

Red Hat Security Advisory 2024-1321-03: Posted Mar 14, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1321-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Issues addressed include a remote SQL injection vulnerability.; tags | advisory, remote, sql injection; systems | linux, redhat; advisories | CVE-2024-27289; SHA-256 | d95d3241f282a5f42e6af5a8ac241179ef6329f681c625f25b533245c13ac448; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
indoushka 125 files
Ubuntu 91 files
Gentoo 33 files
Debian 25 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,890)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,777)
UNIX (9,440)
UnixWare (187)
Windows (6,676)
Other

CVE-2024-27289

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems