Search CVE reports
1 – 2 of 2 results
Some fixes available 2 of 3
The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
1 affected package
pygresql
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pygresql | — | — | — | — |
Some fixes available 21 of 24
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte...
14 affected packages
amarok, dovecot, exim4, libapache2-mod-auth-pgsql, php5...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| amarok | — | — | — | — |
| dovecot | — | — | — | — |
| exim4 | — | — | — | — |
| libapache2-mod-auth-pgsql | — | — | — | — |
| php5 | — | — | — | — |
| postfix | — | — | — | — |
| postgresql | — | — | — | — |
| postgresql-7.4 | — | — | — | — |
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
| psycopg | — | — | — | — |
| psycopg2 | — | — | — | — |
| pygresql | — | — | — | — |
| python-pgsql | — | — | — | — |