VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/jackc/pgx

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-41889 critical 9.8 9.8 20d ago pgx: SQL Injection via placeholder confusion with dollar quoted string literals debiansusegolang
CVE-2024-27304 critical 9.8 9.8 2y ago pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message si… debiangolang
CVE-2024-27289 high 8.1 8.1 2y ago pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder fo… debiangolang