2 matches found
CVE-2026-32286 Denial of service in github.com/jackc/pgproto3/v2
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
PT-2026-28437
Name of the Vulnerable Software and Affected Versions versions prior to 2026-32286 Description The DataRow.Decode function does not correctly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, resulting in a slice bounds o...