
19 matches found

OSV
added 2025/09/17 5:3 p.m. | 2 views

GO-2025-3941 pREST has a Systemic SQL Injection Vulnerability in github.com/prest/prest

pREST has a Systemic SQL Injection Vulnerability in github.com/prest/prest...

9.3 CVSS | 8 AI score | 0.00057 EPSS
Exploits: 0 | References: 3
RedhatCVE
added 2025/09/10 10:18 p.m. | 3 views

CVE-2025-58450

pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...

9.3 CVSS | 7.8 AI score | 0.00057 EPSS
Exploits: 0 | References: 1
NVD
added 2025/09/08 10:15 p.m. | 2 views

CVE-2025-58450

pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...

9.3 CVSS | 0.00057 EPSS
Exploits: 0 | References: 2
Github Security Blog
added 2025/09/08 9:48 p.m. | 15 views

pREST has a Systemic SQL Injection Vulnerability

Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...

9.3 CVSS | 8.2 AI score | 0.00057 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2025/09/08 9:48 p.m. | 2 views

GHSA-P46V-F2X8-QP98 pREST has a Systemic SQL Injection Vulnerability

Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...

9.3 CVSS | 8.3 AI score | 0.00057 EPSS
Exploits: 0 | References: 4
Snyk
added 2025/09/08 9:48 p.m. | 1 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via improper handling of user-supplied input in the SelectSQL process and other query construction logic. An attacker can execute arbitrary SQL commands on the underlying database by supplying crafted values in HTTP reques...

9.8 CVSS | 8 AI score | 0.00057 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2025/09/08 9:35 p.m. | 3 views

CVE-2025-58450 pREST has Systemic SQL Injection Vulnerability

pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...

9.3 CVSS | 7.3 AI score | 0.00057 EPSS
Exploits: 0 | References: 2
OSV
added 2025/09/08 9:35 p.m. | 2 views

CVE-2025-58450 pREST has Systemic SQL Injection Vulnerability

pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...

9.3 CVSS | 7.5 AI score | 0.00057 EPSS
Exploits: 0 | References: 4
Cvelist
added 2025/09/08 9:35 p.m. | 10 views

CVE-2025-58450 pREST has Systemic SQL Injection Vulnerability

pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...

9.3 CVSS | 0.00057 EPSS
Exploits: 0 | References: 2
CVE
added 2025/09/08 9:35 p.m. | 19 views

CVE-2025-58450

Summary: CVE-2025-58450 affects pREST (PostgreSQL REST), a REST API on top of PostgreSQL. The vulnerability is a SQL injection in versions prior to 2.0.0-rc3 due to inadequate validation; a patch exists in 2.0.0-rc3. The primary risk details indicate high impact on confidentiality, integrity, and...

9.3 CVSS | 7.3 AI score | 0.00057 EPSS
Exploits: 0 | References: 2
CNNVD
added 2025/09/08 12:0 a.m. | 2 views

pRESTd SQL Injection Vulnerability

pRESTd is an interface to prest open source. A SQL injection vulnerability exists in versions prior to pRESTd 2.0.0-rc3, which stems from insufficient input validation and is vulnerable to SQL injection attacks...

9.3 CVSS | 7.5 AI score | 0.00057 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2025/09/07 12:0 a.m. | 1 views

PT-2025-36515

Name of the Vulnerable Software and Affected Versions: pREST versions prior to 2.0.0-rc3 Description: pREST PostgreSQL REST is an API that delivers an application on top of a Postgres database. Multiple SQL injection flaws exist due to insufficient input validation when constructing SQL queries...

10 CVSS | 7.6 AI score | 0.50933 EPSS
Exploits: 20 | References: 53
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in test-mlw2-whang-prest (npm)

The package test-mlw2-whang-prest was found to contain malicious code...

7 AI score
Exploits: 0
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 1 views

Malicious code in test-mlw2-bairn-prest (npm)

The package test-mlw2-bairn-prest was found to contain malicious code...

7 AI score
Exploits: 0
OSV
added 2025/08/14 6:52 p.m. | 1 views

MAL-2025-34924 Malicious code in test-mlw2-bairn-prest (npm)

The package test-mlw2-bairn-prest was found to contain malicious code...

7.2 AI score
Exploits: 0
OSV
added 2025/08/14 6:52 p.m. | 1 views

MAL-2025-36622 Malicious code in test-mlw2-whang-prest (npm)

The package test-mlw2-whang-prest was found to contain malicious code...

7.2 AI score
Exploits: 0
OSV
added 2024/08/06 10:3 p.m. | 11 views

GO-2024-3011 pREST vulnerable to jwt bypass + sql injection in github.com/prest/prest

pREST vulnerable to jwt bypass + sql injection in github.com/prest/prest...

7.4 AI score
Exploits: 0 | References: 2
Github Security Blog
added 2024/07/30 3:4 p.m. | 36 views

pREST vulnerable to jwt bypass + sql injection

Summary Probably jwt bypass + sql injection or what i'm doing wrong? PoC how to reproduce 1. Create following files: docker-compose.yml: services: postgres: image: postgres containername: postgrescontainermre environment: POSTGRESUSER: testuserpg POSTGRESPASSWORD: testpasspg POSTGRESDB: testdb...

8.3 AI score
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2024/07/30 3:4 p.m. | 8 views

GHSA-WM25-J4GW-6VR3 pREST vulnerable to jwt bypass + sql injection

Summary Probably jwt bypass + sql injection or what i'm doing wrong? PoC how to reproduce 1. Create following files: docker-compose.yml: services: postgres: image: postgres containername: postgrescontainermre environment: POSTGRESUSER: testuserpg POSTGRESPASSWORD: testpasspg POSTGRESDB: testdb...

9.8 CVSS | 8.3 AI score
Exploits: 0 | References: 4