Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-41889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted...

9.8CVSS5.7AI score0.00356EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/22 8:46 p.m.101 views

pgx: SQL Injection via placeholder confusion with dollar quoted string literals

Impact SQL Injection can occur when: 1. The non-default simple protocol is used. 2. A dollar quoted string literal is used in the SQL query. 3. That string literal contains text that would be would be interpreted as a placeholder outside of a string literal. 4. The value of that placeholder is...

9.8CVSS5.9AI score0.00356EPSS
Exploits0References5Affected Software3
Snyk
Snyk
added 2026/04/22 8:46 p.m.5 views

SQL Injection

Overview github.com/jackc/pgx/v5/internal/sanitize is a PostgreSQL driver and toolkit Affected versions of this package are vulnerable to SQL Injection when using the simple protocol with dollar quoted string literals. An attacker can execute arbitrary SQL commands by crafting input that is...

9.8CVSS6.3AI score0.00356EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/22 8:46 p.m.3 views

SQL Injection

Overview github.com/jackc/pgx/internal/sanitize is a PostgreSQL driver and toolkit Affected versions of this package are vulnerable to SQL Injection when using the simple protocol with dollar quoted string literals. An attacker can execute arbitrary SQL commands by crafting input that is...

9.8CVSS6.3AI score0.00356EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/22 8:46 p.m.5 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection when using the simple protocol with dollar quoted string literals. An attacker can execute arbitrary SQL commands by crafting input that is interpreted as a placeholder within a dollar quoted string literal. Note: This is...

9.8CVSS6.1AI score0.00356EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 8:46 p.m.4 views

GHSA-J88V-2CHJ-QFWX pgx: SQL Injection via placeholder confusion with dollar quoted string literals

Impact SQL Injection can occur when: 1. The non-default simple protocol is used. 2. A dollar quoted string literal is used in the SQL query. 3. That string literal contains text that would be would be interpreted as a placeholder outside of a string literal. 4. The value of that placeholder is...

2.3CVSS5.9AI score0.00356EPSS
Exploits0References5
Rows per page
Query Builder