CVE-2024-27304
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| jackc | pgx | < 4.18.2 | affected |
| jackc | pgx | >= 5.0.0, < 5.5.4 | affected |
Weaknesses
- CWE-89: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- CWE-190: CWE-190: Integer Overflow or Wraparound
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
- https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8
- https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007
- https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4
- https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8
- https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df
References
- https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
- https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8
- https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007
- https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4
- https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8
- https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df
- https://www.youtube.com/watch?v=Tfg1B8u1yvE
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.