11 matches found
Exploit for CVE-2024-27304
CVE-2024-27304-PoC references - DEF CON 32 - SQL Injectio...
Security Bulletin: IBM Instana Observability is vulnerable to SQL injection due to PostgreSQL driver and toolkit for Go, known as pgx.
Summary PostgreSQL driver and toolkit for Go, known as pgx is used by IBM Instana Observability Using third-party datastore Operators as part of the postgres operator CVE-2024-27304. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-2730...
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is available...
Moderate: Red Hat Security Advisory: ACS 4.3 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2024-27304
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...
CVE-2024-27304
creationtimestamp| type| source ---|---|--- 2024-03-06 20:26:53+00:00| seen| https://t.me/ctinow/201763 2024-03-06 20:36:26+00:00| seen| https://t.me/ctinow/201784 2024-03-06 22:31:11+00:00| seen| https://t.me/ctinow/201857 2025-10-12 10:56:02+00:00| seen|...
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: k3s, spicedb, trillian-fips, step, amass, argo-workflows-fips, argo-workflows, temporal-server-fips, trillian, step-ca, keda-fips, falcosidekick-fips, wavefront-collector-for-kubernetes, ferretdb, caddy-fips, temporal-server, caddy, kube-bench-fips, kine, kots, src,...
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: step, trillian, amass, step-ca, k3s, kine, ferretdb, kube-bench, spicedb, temporal-server, caddy, kots, src, argo-workflows...
CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...
CVE-2024-27304
CVE-2024-27304 affects pgx, a PostgreSQL driver/toolkit for Go. The vulnerability enables SQL injection when an attacker can cause a single query or Bind message to exceed 4 GB due to an integer overflow in message size calculation, which can cause the large message to be split into multiple mess...
CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...